Element (Matrix/Synapse) webchat - "Continue with CAS" does not work, password does (after enabling)

Hi all,

From diagnosis:
Server hardware architecture is lxc amd64
Server is running Linux kernel 6.2.16-19-pve
Server is running Debian 11.8
Server is running YunoHost 11.2.5 (stable)

I have been having troubles using the Element webclient for ages, but did not look into it (kdeconnect lets me use my telephone-element easily enough from my desktop most of the time).

At first the login did not work, but “Continue with CAS” worked after I reinstalled it at some moment. For quite a while now, “Continue with CAS” redirects me to the YNH home page with all the apps. On top there is a blue banner, “Please log in to access this content.”:

The web app does work on Firefox on my phone, but not on my desktop, neither regular nor private; same result with Chromium.

There is a solution to the problem on Github posted by thardev, involving commenting-out some LDAP settings (bind_dn/bind_password/filter in /etc/matrix-synapse/homeserver.yaml) , but that did not have any effect. Rosbeef mentioned changing the Element config as well, but it is already as suggested (“login_for_welcome”:true in /var/www/element/config.json).

Element on my daughter’s website still has the password option available; password login works there, as well as does CAS.

I suspect SSO has to do with it on my site: when I switch the homeserver on my daughter’s Element-login to my own homeserver, Element recognizes that password login is not available, switches to CAS automatically and sends me to my own YNH-home page after signing in.

I tried, with no success:

  • comment out bind_dn/bind_password/filter in /etc/matrix-synapse/homeserver.yaml (and restart matrix-synapse)
  • “login_for_welcome”:true in /var/www/element/config.json
  • “login_for_welcome”:false (hoping to circumvent SSO)
  • taking Element out of the “Visitors” group, and adding it again
  • switching the language (… you never know…)
  • remove a forward to Element on another Yunohost (… at another URL and domain than my own Element, but, you never know!)

Seeing password login does work on my daughter’s server, I tried, with succes:

  • enable password login by commenting out enabled: false under password_config: in /etc/matrix-synapse/homeserver.yaml

I’m happy that it works again now, but I can not really explain the behaviour.

Any idea?

Edit: just to make it clear for later readers: I don’t have a problem at the moment, I just wondered. If you have problems logging in to Element because of the redirect loop, try (re-)enabling password login :slight_smile:


Yes, there is an open ticket for that issue: Attempting to log in only shows the CAS option, resulting in a loop · Issue #412 · YunoHost-Apps/synapse_ynh · GitHub.

1 Like

Ah, thanks! I missed that one.

For the record, in case someone else runs into it: I was able to work around the loop by re-enabling password login, exactly the method that was broken earlier and remedied by forcing CAS.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.