Element (Matrix/Synapse) webchat - "Continue with CAS" does not work, password does (after enabling)

Support
, ,
1

Hi all,

From diagnosis:
Server hardware architecture is lxc amd64
Server is running Linux kernel 6.2.16-19-pve
Server is running Debian 11.8
Server is running YunoHost 11.2.5 (stable)

I have been having troubles using the Element webclient for ages, but did not look into it (kdeconnect lets me use my telephone-element easily enough from my desktop most of the time).

At first the login did not work, but “Continue with CAS” worked after I reinstalled it at some moment. For quite a while now, “Continue with CAS” redirects me to the YNH home page with all the apps. On top there is a blue banner, “Please log in to access this content.”:

image
image904×180 11.1 KB

The web app does work on Firefox on my phone, but not on my desktop, neither regular nor private; same result with Chromium.

There is a solution to the problem on Github posted by thardev, involving commenting-out some LDAP settings (bind_dn/bind_password/filter in /etc/matrix-synapse/homeserver.yaml) , but that did not have any effect. Rosbeef mentioned changing the Element config as well, but it is already as suggested (“login_for_welcome”:true in /var/www/element/config.json).

Element on my daughter’s website still has the password option available; password login works there, as well as does CAS.

I suspect SSO has to do with it on my site: when I switch the homeserver on my daughter’s Element-login to my own homeserver, Element recognizes that password login is not available, switches to CAS automatically and sends me to my own YNH-home page after signing in.

I tried, with no success:

  • comment out bind_dn/bind_password/filter in /etc/matrix-synapse/homeserver.yaml (and restart matrix-synapse)
  • “login_for_welcome”:true in /var/www/element/config.json
  • “login_for_welcome”:false (hoping to circumvent SSO)
  • taking Element out of the “Visitors” group, and adding it again
  • switching the language (… you never know…)
  • remove a forward to Element on another Yunohost (… at another URL and domain than my own Element, but, you never know!)

Seeing password login does work on my daughter’s server, I tried, with succes:

  • enable password login by commenting out enabled: false under password_config: in /etc/matrix-synapse/homeserver.yaml

I’m happy that it works again now, but I can not really explain the behaviour.

Any idea?

Edit: just to make it clear for later readers: I don’t have a problem at the moment, I just wondered. If you have problems logging in to Element because of the redirect loop, try (re-)enabling password login :slight_smile:

2

Hi,

Yes, there is an open ticket for that issue: Attempting to log in only shows the CAS option, resulting in a loop · Issue #412 · YunoHost-Apps/synapse_ynh · GitHub.

1 Like
3

Ah, thanks! I missed that one.

For the record, in case someone else runs into it: I was able to work around the loop by re-enabling password login, exactly the method that was broken earlier and remedied by forcing CAS.

4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.