we are having a very weird issue with our Discourse SSO. Ever since one user logged out of impersonation, he is unable to log back in. This is what happens now if he tries to log in: (the user was logged into Nextcloud previously).
The Server just closes the connection. I am unable to find any error log. Not inside any of the nginx proxies, not inside Discourse, not inside Nextcloud.
Interestingly it has nothing to do with the network or device. It is just this user that fails to log in.
I also tried clearing out the SSO Data from Discourse, changed the Email Address to force creation of a new Discourse Account. The Problem still persists.
I suspect this is an issue with the Nextcloud plugin, however I don’t see any error messages by Discourse, which surprises me. (I cleared the log and tried again, no record appeared.)
Okay, now we have a REAL issue. The problem seems to be spreading to other user. And the second one is not an admin and can therefore not use the workaround.
If I want to contact (paid) support, who should I talk to in my case?
Yes. Nextcloud SSO only supports GET and not POST-based login. Our nginx proxy silently dropped the request since we had too many groups filling up the request header.
Our current workaround is manually patching the Plugin to not include groups:
We will switch to keycloak for authentication soon.