Login problems with Posit Connect

Today users reported trying to login to a Posit Connect server was returning an error message saying "There was a problem logging in. Please try again." It's running on a Linux server using SAML authentication to our campus Shibboleth instance, and has been working for some time. In /var/log/rstudio-connect.log, I'm seeing

2023/09/11 13:38:54 /connect/src/connect/vendor/github.com/rstudio/saml/sp/sp.go:175: (saml) SAML request received with path /login
2023/09/11 13:38:54 /connect/src/connect/vendor/github.com/rstudio/saml/sp/sp.go:175: (saml) Found a SAML encryption key
2023/09/11 13:38:54 /connect/src/connect/vendor/github.com/rstudio/saml/sp/sp.go:175: (saml) Creating authentication request
2023/09/11 13:38:54 /connect/src/connect/vendor/github.com/rstudio/saml/sp/sp.go:175: (saml) Returning authentication request as redirect
2023/09/11 13:38:55 /connect/src/connect/vendor/github.com/rstudio/saml/sp/sp.go:175: (saml) SAML request received with path /login/saml/acs
2023/09/11 13:38:55 /connect/src/connect/vendor/github.com/rstudio/saml/sp/sp.go:175: (saml) Found a SAML encryption key
2023/09/11 13:38:55 /connect/src/connect/vendor/github.com/rstudio/saml/sp/sp.go:175: (saml) Handling authentication response
2023/09/11 13:38:55 SAML handling error trying to read assertion from SAML response: cannot validate signature on Response: Cert is not valid at this time

I've doublechecked that the TLS certificate that nginx itself is using on the server isn't the problem. Any ideas?

Our IAM folks seem to have fixed this -- though they did note

"This looks like a vendor erroring on the certificate expiring despite that not being in the SAML spec."

But all that's Ελληνικά to me. In any event logins work again.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

If you have a query related to it or one of the replies, start a new topic and refer back with a link.