OmniAuth SAML logged in as previously authenticated user

szotrj · December 10, 2018, 11:09pm

I have configued my GitLab CE application for SAML with ADFS. My IdP redirects and I get logged into GitLab using my SSO identity. It auto-creates a user. However, when another user attempts to log in, they get logged in as me.

gitlab_rails[‘omniauth_enabled’] = true

    gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']

    gitlab_rails['omniauth_block_auto_created_users'] = false

    gitlab_rails['omniauth_auto_link_saml_user'] = true

    gitlab_rails['omniauth_providers'] = [

      {

        name: 'saml',

        args: {

                assertion_consumer_service_url: 'https://<domain>/users/auth/saml/callback',

                idp_cert_fingerprint: '<fingerprint>',

                idp_sso_target_url: 'https://<domain>/adfs/ls/',

                issuer: 'https://<domain>/adfs/services/trust',

                name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'

              },

        label: 'SAML Login' # optional label for SAML login button, defaults to &quot;Saml&quot;

      }

    ]

Any ideas what might be happening?

Thanks!

michaelyao98 · January 6, 2022, 6:30pm

How did you fix it?

Topic		Replies	Views
Gitlab integration with SAML ADFS Self-managed ldap	1	12477	May 3, 2016
Strange Saml login How to Use GitLab git	0	442	January 26, 2019
Problem to set up OmniAuth with SAML How to Use GitLab	1	2208	June 10, 2015
Getting error while integrating gitlab with saml as "Can't verify CSRF token authenticity" Self-managed ldap	0	2508	January 17, 2018
SAML SSO with custom idp Self-managed	1	1604	July 8, 2021

OmniAuth SAML logged in as previously authenticated user

Related topics