summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorPatricio Cano <patricio@gitlab.com>2016-11-01 17:09:58 +0000
committerPatricio Cano <patricio@gitlab.com>2016-11-01 17:09:58 +0000
commit83180841f7d7cd9c65d11c7b3a7aea83f9e3824a (patch)
tree2606ff81eaabafe5eaae24f3dd7d0cd2d67e829c /doc
parent56e6f9547979d4ca1c020cbdcbc4c2b2e38c9b9b (diff)
parent66c27cf904aa2cb532d34f0cdb59e2ec72a204bf (diff)
downloadgitlab-ce-83180841f7d7cd9c65d11c7b3a7aea83f9e3824a.tar.gz
Merge branch 'patch-7' into 'master'
fix how to get SAML error details ## What does this MR do? Update to better document how to get SAML error details. Fix https://gitlab.com/gitlab-org/gitlab-ce/issues/1929 and https://gitlab.com/gitlab-org/gitlab-ce/issues/3223. Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/12705. See merge request !7199
Diffstat (limited to 'doc')
-rw-r--r--doc/integration/saml.md21
1 files changed, 14 insertions, 7 deletions
diff --git a/doc/integration/saml.md b/doc/integration/saml.md
index f3b2a288776..4a242c321aa 100644
--- a/doc/integration/saml.md
+++ b/doc/integration/saml.md
@@ -268,13 +268,20 @@ message `Can't verify CSRF token authenticity`. This means that there is an erro
the SAML request, but this error never reaches GitLab due to the CSRF check.
To bypass this you can add `skip_before_action :verify_authenticity_token` to the
-`omniauth_callbacks_controller.rb` file. This will allow the error to hit GitLab,
-where it can then be seen in the usual logs, or as a flash message in the login
-screen.
-
-That file is located at `/opt/gitlab/embedded/service/gitlab-rails/app/controllers`
-for Omnibus installations and by default on `/home/git/gitlab/app/controllers` for
-installations from source.
+`omniauth_callbacks_controller.rb` file immediately after the `class` line and
+comment out the `protect_from_forgery` line using a `#` then restart Unicorn. This
+will allow the error to hit GitLab, where it can then be seen in the usual logs,
+or as a flash message on the login screen.
+
+That file is located in `/opt/gitlab/embedded/service/gitlab-rails/app/controllers`
+for Omnibus installations and by default in `/home/git/gitlab/app/controllers` for
+installations from source. Restart Unicorn using the `sudo gitlab-ctl restart unicorn`
+command on Omnibus installations and `sudo service gitlab restart` on installations
+from source.
+
+You may also find the [SSO Tracer](https://addons.mozilla.org/en-US/firefox/addon/sso-tracer)
+(Firefox) and [SAML Chrome Panel](https://chrome.google.com/webstore/detail/saml-chrome-panel/paijfdbeoenhembfhkhllainmocckace)
+(Chrome) browser extensions useful in your debugging.
### Invalid audience
View Lorry Controller Status