Problem
The following traceback shows, if you are login with saml on a school replica.
17.06.22 15:28:30.238 MAIN ( ERROR ) : Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/cherrypy/_cprequest.py", line 670, in respond
response.body = self.handler()
File "/usr/lib/python3/dist-packages/cherrypy/lib/encoding.py", line 220, in __call__
self.body = self.oldhandler(*args, **kwargs)
File "/usr/lib/python3/dist-packages/cherrypy/_cpdispatch.py", line 60, in __call__
return self.callable(*self.args, **self.kwargs)
File "/usr/sbin/univention-management-console-web-server", line 1258, in index
return acs(binding, message, relay_state)
File "/usr/sbin/univention-management-console-web-server", line 1281, in attribute_consuming_service_iframe
response = self.acs(message, binding)
File "/usr/sbin/univention-management-console-web-server", line 1395, in acs
response = self.sp.parse_authn_request_response(message, binding, self.outstanding_queries)
File "/usr/lib/python3/dist-packages/saml2/client_base.py", line 717, in parse_authn_request_response
self.users.add_information_about_person(resp.session_info())
File "/usr/lib/python3/dist-packages/saml2/population.py", line 27, in add_information_about_person
session_info["not_on_or_after"])
File "/usr/lib/python3/dist-packages/saml2/cache.py", line 129, in set
self._db[cni] = data
File "/usr/lib/python3.7/shelve.py", line 125, in __setitem__
self.dict[key.encode(self.keyencoding)] = f.getvalue()
_dbm.error: cannot add item to database
Solution
This Error is fixed in UCS 5.0-6 Erratum 914, so you could update Primary Node and all Backup Nodes that are used as SAML IDP to the latest Version.
univention-upgrade --ignoressh --ignoreterm --noninteractive
or
Set a UCRV to true so that no more caching is performed. Exactly as described above on the Primary Node and all Backup Nodes that are used as SAML IDP.
ucr set umc/saml/in-memory-identity-cache=true