Welcome, Guest
Joomdle 1.0 Installation

TOPIC: SSO Problems after enabling SSL

SSO Problems after enabling SSL 4 months 1 week ago #1

  • David Laverick
  • David Laverick's Avatar
  • Offline
Hi Guys,

I have just upgraded all components and enabled SSL in both Joomla and Moodle. Everything was working before enabling SSL. The problem now is that accessing Moodle course materials prompts users to login to Moodle in the wrapper. That is any user but me and a colleague. The only difference is that we are both Moodle admins, so it seems like a Moodle permissions issue. Though only when SSL is enabled.

The system check in Joomdle gives me a full set of green ticks.

If I test the webservice using the secure url "h t t p s://mysite.com/moodle//webservice/xmlrpc/server.php?wstoken=xxxxxxx" I get an error
<methodResponse><fault><value><struct><member><name>faultCode</name><value><int>23604497</int></value></member><member><name>faultString</name><value><string>Can not find data record in database table external_functions. | DEBUG INFO: SELECT * FROM {external_functions} WHERE name IS NULL
[array (
)] | ERRORCODE: invalidrecord</string></value></member></struct></value></fault></methodResponse>

If I test it using a non secure URL "h t t p://mysite.com/moodle//webservice/xmlrpc/server.php?wstoken=xxxxxxx" I get a valid response.

Have you any suggestions?

Thanks

Dave
Joomdle 1.2
Joomla 3.8.10
Moodle Moodle 3.5+ (Build: 20180706)
The administrator has disabled public write access.

SSO Problems after enabling SSL 4 months 1 week ago #2

  • Antonio Durán
  • Antonio Durán's Avatar
  • Offline
Hi.

Maybe you already logged as admin in another window and that's why it works for your accounts? SSO should not have anything to do with Moodle roles.

As for why it does not work: . I just tested in a SSL enabled site with bot redirect-less SSO on and off, and it worked fine. You can try changing this setting in Joomdle config in Joomla to see if that helps.
Did you test this after upgrade but before SSL? Maybe it is not related to the SSL, but the upgrade.
The administrator has disabled public write access.

SSO Problems after enabling SSL 4 months 1 week ago #3

  • David Laverick
  • David Laverick's Avatar
  • Offline
Hi Antonio,

No I wasn't logged in another window. I have been testing with different browsers on different computers, clearing browser cache every time and same effect happens every time. The two moodle admin users can access Moodle through the Joomla sso and other non Moodle admins can't. As you say, Moodle roles should affect this, and it doesn't without ssl enabled. However, I made a test user a Moodle admin, which made no difference to that user SSO problem, I then went on to make that user a super user in Joomla, and again no effect. So that theory is out of the window. I still cant figure out why SSO works for my user account every time no matter what I do.

I have also changed redirect-less SSO on and off and it makes no difference to either the success of my account or the failure of ordinary user accounts.

The site did work OK before I enabled SSL, or so I thought! I was probably testing with my user account, which works every time no matter what. I have just removed the SSL settings for both Moodle and Joomla so the site is running on regular http but the same conditions exist, the two existing Moodle admins work fine and the ordinary users don't, so it seems that SSL is not the issue. Now I'll totally baffled.

It is very strange! I'm starting to think it might be a bug in this release of Moodle.

Any advice would be gratefully received.

Dave
The administrator has disabled public write access.

SSO Problems after enabling SSL 4 months 1 week ago #4

  • Antonio Durán
  • Antonio Durán's Avatar
  • Offline
Ok, that's good, as you removed a possible cause.

If it is workign for some users and not others, first thing I would do is look at Joomdle->Users, to make sure the users you are testing with have the 3 checks.
Aside from that, I guess I would just debug the code at this point, to try to find out what's really going on.
The administrator has disabled public write access.

SSO Problems after enabling SSL 4 months 1 week ago #5

  • David Laverick
  • David Laverick's Avatar
  • Offline
Morning Antonio,

To update my last post, I have been digging in the Moodle logs this morning. Currently the SSL is not in use. My ordinary user logged into Joomla and viewed the course list. Moodle logs is showing a number of entries for Web service function called such as joomdle_get_course_info, joomdle_get_course_mods, joomdle_get_course_students, joomdle_my_courses, joomdle_my_events.together with a few calls to joomdle_update_session. However, and crucially, the logs don't show the event "User has logged in", whereas I do get that event in the Moodle logs when I log in to Joomla. For my user, this event is shown with the origin as web whereas the other calls are origin ws.

Do you have any insight into what should be happening to make the Joomla user login to moodle, as this seem to be the missing link?

Many thanks

Dave
The administrator has disabled public write access.

SSO Problems after enabling SSL 4 months 1 week ago #6

  • David Laverick
  • David Laverick's Avatar
  • Offline
Hi Antonio,

That was it!!! The users weren't set as Joomdle User, only Joomla and Moodle. It wasn't an issue in the last few versions of the site, so something has changed somewhere. Anyway, migrating the users to Joomdle makes it work in both ordinary and SSL sites.

Massive thank you for pointing me towards that simple solution.

Dave
The administrator has disabled public write access.

SSO Problems after enabling SSL 4 months 1 week ago #7

  • Antonio Durán
  • Antonio Durán's Avatar
  • Offline
Ahh yes! You are totally correct: a bug was fixed in a recent release, that made non Joomdle users perform SSO when they had users with same username in Joomla and Moodle.
Fix removed this, so your users were not doing SSO.

Glad to know that issue is fixed now.
Last Edit: 4 months 1 week ago by Antonio Durán.
The administrator has disabled public write access.