SAML integration with JumpCloud #2314

Closed
opened 2026-02-05 03:38:10 +03:00 by OVERLORD · 5 comments

Originally created by @galeido on GitHub (Jul 7, 2021).

Describe the bug
We have tried to do SAML integration against JumpCloud. Unfortunately, based on the configuration example in the documentation and on GitHub, we have not been able to make this integration work.

The app debug log gives the following error message:

```
Exception
Error on parseRemoteXML. Error parsing metadata. DOMDocument::loadXML(): Opening and ending tag mismatch: link line 1 and head in Entity, line: 1
```

Steps To Reproduce
Steps to reproduce the behavior:

  1. Create a JumpCloud user account
  2. Create a new Custom SAML application in JumpCloud
  3. Add the required information to the Custom SAML application based on the instructions in the BookStack wiki
  4. Add the following lines to the BookStack configuration

```
SAML2_NAME = "JumpCloud SSO"
SAML2_ENABLED = true
SAML2_AUTO_REGISTER = true
SAML2_EMAIL_ATTRIBUTE = email
SAML2_DISPLAY_NAME_ATTRIBUTES = displayName
SAML2_EXTERNAL_ID_ATTRIBUTE = uid
SAML2_IDP_ENTITYID = https://sso.jumpcloud.com/saml2/$example
SAML2_AUTOLOAD_METADATA = true
```

  5. Enable the app debug log

```
APP_DEBUG=true
```

Expected behavior
The purpose is to be directed to the login of the JumpCloud service

Screenshots
N/A

Your Configuration (please complete the following information):

  • Exact BookStack Version (Found in settings): v21.05.3
  • PHP Version: 7.3.27
  • Hosting Method (Nginx/Apache/Docker): Caddy reverse proxy + Docker (linuxserver.io)

Additional context
N/A

OVERLORD added the 🐕 Support and 🚪 Authentication labels 2026-02-05 03:38:10 +03:00
@ssddanbrown commented on GitHub (Jul 12, 2021):

Hi @galeido,
Just had a play using a trial JumpCloud account. I was able to get things working as expected without too much of an issue.

One thing I noticed: you can directly access the metadata at the IDP URL which BookStack expects when autoloading metadata, which may be what's producing that error. Instead I set SAML2_AUTOLOAD_METADATA to false and exported my metadata from within JumpCloud, then used the values in that file to set my SAML2_IDP_x509 and SAML2_IDP_SSO values directly.

So in the end my .env file looked something like this:

```bash
SAML2_NAME="JumpCloud"
SAML2_EMAIL_ATTRIBUTE="email"
SAML2_EXTERNAL_ID_ATTRIBUTE="email"
SAML2_DISPLAY_NAME_ATTRIBUTES="firstname|lastname"
SAML2_IDP_ENTITYID=https://sso.jumpcloud.com/saml2/bookstack
SAML2_IDP_SSO=https://sso.jumpcloud.com/saml2/bookstack
SAML2_AUTOLOAD_METADATA=false
SAML2_IDP_x509="<big long cert string here>"
```
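The tag names in the reported error (`link`, `head`) are HTML, so the autoload fetched a web page rather than metadata XML. The script below is an added example, not BookStack's or JumpCloud's code, of the pre-flight check and extraction a practitioner would want before hand-filling the values listed above: it refuses HTML or malformed input with a plain reason, pulls the entityID, the SSO URL (preferring the HTTP-Redirect binding) and the signing certificate out of an IdP metadata export, collapses the certificate to the single base64 line that `SAML2_IDP_x509` takes, and renders the `.env` lines. The sample metadata and sign-in page are constructed (the URLs are the ones used in this thread; the certificate is placeholder bytes, not a real X.509 certificate), and the SHA-256 of the certificate's DER is included so it can be compared against the fingerprint the IdP console shows.

```python
# Added example: pre-flight check of SAML IdP metadata before hand-filling
# BookStack's SAML2_IDP_* values. Not BookStack or JumpCloud code; samples are constructed.
import base64
import hashlib
import textwrap
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata", "ds": "http://www.w3.org/2000/09/xmldsig#"}
BINDING_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
BINDING_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"


class MetadataError(ValueError):
    """The bytes are not usable SAML IdP metadata."""


def parse_idp_metadata(raw: bytes) -> dict:
    """Extract entityID, SSO URL and signing cert; the cert comes back as one base64 line
    (the form SAML2_IDP_x509 takes) plus a SHA-256 of its DER for comparison."""
    head = raw.lstrip()[:64].lower()
    if head.startswith(b"<!doctype html") or head.startswith(b"<html"):
        raise MetadataError("endpoint returned an HTML page, not metadata XML")
    try:
        root = ET.fromstring(raw)
    except ET.ParseError as exc:  # same failure class as DOMDocument::loadXML()
        raise MetadataError(f"not well-formed XML: {exc}") from exc
    if root.tag == f"{{{NS['md']}}}EntitiesDescriptor":  # aggregate: take the first entity
        root = root.find("md:EntityDescriptor", NS)
    if root is None or root.tag != f"{{{NS['md']}}}EntityDescriptor":
        raise MetadataError("no md:EntityDescriptor found")
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise MetadataError("no IDPSSODescriptor (SP metadata pasted by mistake?)")

    sso = {s.get("Binding"): s.get("Location") for s in idp.findall("md:SingleSignOnService", NS)}
    binding = BINDING_REDIRECT if BINDING_REDIRECT in sso else BINDING_POST
    if binding not in sso:
        raise MetadataError("no HTTP-Redirect or HTTP-POST SingleSignOnService")

    cert = ""
    for kd in idp.findall("md:KeyDescriptor", NS):
        if kd.get("use") in (None, "signing"):  # no 'use' means signing and encryption
            el = kd.find("ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
            if el is not None and el.text:
                cert = "".join(el.text.split())  # collapse PEM-style line wrapping
                break
    if not cert:
        raise MetadataError("no signing X509Certificate in metadata")
    try:
        der = base64.b64decode(cert, validate=True)
    except ValueError as exc:
        raise MetadataError("X509Certificate is not valid base64") from exc
    return {"entity_id": root.get("entityID"), "sso_url": sso[binding], "sso_binding": binding,
            "cert": cert, "cert_sha256": hashlib.sha256(der).hexdigest()}


def to_env(values: dict) -> str:
    """Render the .env lines that replace SAML2_AUTOLOAD_METADATA=true."""
    return "\n".join(["SAML2_AUTOLOAD_METADATA=false",
                      f"SAML2_IDP_ENTITYID={values['entity_id']}",
                      f"SAML2_IDP_SSO={values['sso_url']}",
                      f"SAML2_IDP_x509=\"{values['cert']}\""])


def check_metadata(raw: bytes) -> tuple:
    """(True, env text) when the metadata is usable, else (False, reason)."""
    try:
        return True, to_env(parse_idp_metadata(raw))
    except MetadataError as exc:
        return False, str(exc)


# Constructed sample shaped like an IdP metadata export (URLs from this thread);
# the certificate is placeholder bytes, not a real X.509 certificate.
FAKE_CERT_B64 = base64.b64encode(b"placeholder DER bytes, not a real certificate").decode()
CERT_WRAPPED = textwrap.indent(textwrap.fill(FAKE_CERT_B64, 16), "      ")
SAMPLE_METADATA = f"""<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://sso.jumpcloud.com/saml2/bookstack">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
{CERT_WRAPPED}
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="{BINDING_POST}" Location="https://sso.jumpcloud.com/saml2/bookstack"/>
    <md:SingleSignOnService Binding="{BINDING_REDIRECT}" Location="https://sso.jumpcloud.com/saml2/bookstack"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
""".encode()

# Constructed stand-in for a browser sign-in page: the unclosed <link> inside <head> is
# the same "tag mismatch: link ... and head" shape that the issue's debug log reports.
SAMPLE_HTML = b'<!DOCTYPE html><html><head><link rel="stylesheet" href="/a.css"></head><body>Sign in</body></html>'

if __name__ == "__main__":
    for label, raw in (("metadata export", SAMPLE_METADATA), ("sign-in page", SAMPLE_HTML)):
        ok, text = check_metadata(raw)
        print(f"[{label}]", text if ok else f"FAILED: {text}")
```

To run it against a real export, read the downloaded file (or `urllib.request.urlopen(url).read()` for a URL) and pass the bytes to `check_metadata`. One caveat that follows from turning autoload off: the certificate is now pinned in `.env`, so when the IdP rotates its signing certificate the `SAML2_IDP_x509` value has to be updated by hand, and the fingerprint is the quickest way to confirm which certificate is currently configured.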
@galeido commented on GitHub (Jul 12, 2021):

@ssddanbrown

Thank you, great work! How about the settings for the custom SAML application on JumpCloud?

@ssddanbrown commented on GitHub (Jul 12, 2021):

@galeido Details below. I didn't play around with the settings too much, to be honest; there might be some improvements to be made.

Screen Shot 2021-07-12 at 21 45 47 (https://user-images.githubusercontent.com/8343178/125353517-9289d380-e35a-11eb-8a93-651f220234b1.png)

@galeido commented on GitHub (Jul 13, 2021):

I can confirm configuration works in our test environment in production mode.

The ticket can be closed as completed.

Thank you very much for your help.

@ssddanbrown commented on GitHub (Jul 13, 2021):

@galeido Happy to have helped, and thank you very much for the sponsorship.

Reference: starred/BookStack#2314