Please fill in the questionnaire below.
Technical Help Questionnaire
Have you read and followed the instructions at: /read-me-first-technical-help-faqs/17/2 ?
Answer: Yes
Self-Hosted Installation and Setup Questions
Delete this section if you are using Baserow.io.
How have you self-hosted Baserow.
Docker-based, on a Ubuntu VM.
What are the specs of the service or server you are using to host Baserow.
Memory on the VM:
total used free shared buff/cache available
Mem: 15Gi 2.2Gi 8.7Gi 133Mi 4.7Gi 12Gi
Swap: 979Mi 0B 979Mi
Which version of Baserow are you using.
1.26.1
How have you configured your self-hosted installation?
#!/bin/sh
docker run
-d
–name baserow
-e BASEROW_PUBLIC_URL=“xxx”
-e BASEROW_CADDY_ADDRESSES=“xxx”
-e EMAIL_SMTP=true
-e EMAIL_SMTP_HOST=“xxx”
-e EMAIL_SMTP_PORT=“xxxx”
-e FROM_EMAIL=“noreply@eduxs.eu”
-v baserow_data:/baserow/data
-v “$PWD/Caddyfile:/baserow/caddy/Caddyfile”
-p 80:80
-p 443:443
–restart unless-stopped
baserow/baserow:1.26.1
What commands if any did you use to start your Baserow server?
See above.
Describe the problem
We are trying to implement SSO based on SAML. This is the SRAM SAML inplementation, provided by the SURF organisation.
After login at the provider, the process fails with the following traceback in the log:
[BACKEND][2024-10-30 14:42:26] File “/baserow/enterprise/backend/src/baserow_enterprise/sso/saml/handler.py”, line 152, in get_user_info_from_authn_user_identity
[BACKEND][2024-10-30 14:42:26] email = authn_identity[“user.email”][0]
[BACKEND][2024-10-30 14:42:26] └ {‘uid’: [‘xxxxx’], ‘eduPersonAssurance’: [’ … link removed …', 'xxx link removed…
[BACKEND][2024-10-30 14:42:26]
[BACKEND][2024-10-30 14:42:26] KeyError: ‘user.email’
It seems that Baserow relies on the fact that the attribute user.email
is provided by the SAML provider. However, for SRAM, this is not the case. SRAM has a fixed set of attributes (see: Attributes in SRAM - SURF IAM - SURF User Knowledge Base).
The needed attribute is called mail
in the SRAM set of attributes (according to rfc822).
So, this means that we need a way of configuring attributes on the side of Baserow to be able to use SRAM as a SAML provider.