Keycloak integration with Redmine using SAML login fails with an error - PullRequest
0 votes
/ November 26, 2018

I am new to integrating Keycloak and Redmine using SAML. At the moment we are trying to implement SSO with the following saml.rb:

Redmine::OmniAuthSAML::Base.configure do |config|
  config.saml = {
    :assertion_consumer_service_url => "http://<IP>/redmine/auth/saml/callback", # OmniAuth callback URL
    :issuer                         => "redmine-saml",      # The issuer name / entity ID. Must be an URI as per SAML 2.0 spec.
    :single_logout_service_url      => "http://<IP>/redmine/auth/saml",      # The SLS (logout) callback URL
    :idp_sso_target_url             => "http://<Keyclock IP>:8080/auth/realms/master/protocol/saml", # SSO login endpoint
    :idp_cert_fingerprint           => "66:BC:3D:15:AD:FA:70:A6:33:20:21:4F:2E:FC:43:1B:79:EC:D7:12", # SSO ssl certificate fingerprint
    # Alternatively, specify the full certificate:
    :idp_cert                       => "MIICpzCCAY8CBgFnOzydPTANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxyZWRtaW5lLXNhbWwwHhcNMTgxMTIyMTE0MzA3WhcNMjgxMTIyMTE0NDQ3WjAXMRUwEwYDVQQDDAxyZWRtaW5lLXNhbWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3si4Rn7JziRhuEqTiKoJnney3/9rS4srrd4F3YjaID0CcOCiNDlwCjfplZy+/YpQ7ma2/tut9Uypx+ntO9avoZHoldbFxiP/ngcT7mFMbE1TSt21jee3JEYYQ44mxK2bgWVvM7TmpJLUhQ/J63/tZIEhgXJI7NpkRwxsecKE7P7AVTFv1VpgDwudBGvxshbjJ4nEbdwTvkMO7vDxsR9ApbNciNTC9/GvTMs0XhHoId4Kny74F/GSblKJDAFaJ/4HFjAIgGv6oqnw4viookFU/E8ZGxRzaE1mRCIN8aY62vc65gc/8ywpbn1Sg6y46p5XRpD+oFKQlD16LqtMYNs9LAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAACM+lBx11zmfUBdR+d/OM2Am9ZlkGDiud5WcGR2p3WvLAaIS78EGIafyT7uNMhIFxcq+t7kTqbWVHWuZXGzOeec9thKtLRGUGLVDgm4zCuw2vslVQx1FJHWUwjAs9PmhcOMUr3uQ3yfjqSNAQZY/iCaGb0EyUgKjIoozHTr3EiQV/zPvQWEZKWTut/8BjD9Zmy25OO+0Tksdnhc0YglXNonjzyHuWcVNAzvaP+9grMrMjK6HWvfaMbiLprP39cpcfIsZUUx8/q0z/lNSn7oxJG4b1liO0kHZPULylr87C6WE0DPTl7oP1vIlHfFQW76pxmvCkPvSlqcBKJG4wTi/XU=",
    :name_identifier_format         => "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
    :signout_url                    => "http://<Keyclock IP:8080>/auth/realms/master/protocol/saml/clients/redmine-saml", # Optional signout URL, not supported by all identity providers
    :idp_slo_target_url             => "http://<Keyclock IP:8080>/auth/realms/master/protocol/saml/clients/redmine-saml",
    :name_identifier_value          => "login", # Which redmine field is used as name_identifier_value for SAML logout

    :attribute_mapping              => {
      # How will we map attributes from SSO to redmine attributes
      :login      => 'extra.raw_info.username',
      :mail       => 'extra.raw_info.email',
      :firstname  => 'extra.raw_info.firstname',
      :lastname   => 'extra.raw_info.lastname'
    }
  }

  config.on_login do |omniauth_hash, user|
    # Implement any hook you want here
  end
end

Here Redmine is able to redirect to the Keycloak portal, but when I enter the password, it throws an error on the Redmine portal:

translation missing: en.error_saml_invalid_ticket

Please let me know where I need to make changes.
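A consistency check for the `:idp_cert_fingerprint` and `:idp_cert` settings in the configuration above, as an added example that is not part of the original post. It assumes a SHA-1 fingerprint (the configured value is 20 bytes long); the helper names and the throwaway certificate are constructed for illustration.

```ruby
require "openssl"
require "base64"
require "digest"

# Reduce "66:BC:3D:..." or "66bc3d..." to bare uppercase hex for comparison.
def normalize_fingerprint(fp)
  fp.to_s.gsub(/[^0-9A-Fa-f]/, "").upcase
end

# Fingerprint of a certificate given as PEM or as the bare base64 body
# (the form used for :idp_cert). SHA-1 is an assumption; pass Digest::SHA256
# if the configured fingerprint is 32 bytes long.
def cert_fingerprint(cert_text, digest = Digest::SHA1)
  body = cert_text.gsub(/-----(BEGIN|END) CERTIFICATE-----/, "").gsub(/\s+/, "")
  der  = Base64.strict_decode64(body)   # raises ArgumentError on damaged base64
  OpenSSL::X509::Certificate.new(der)   # raises if the bytes are not a certificate
  digest.hexdigest(der).upcase.scan(/../).join(":")
end

# True when the two certificate settings of a SAML config hash describe the same certificate.
def idp_cert_settings_consistent?(saml)
  normalize_fingerprint(saml[:idp_cert_fingerprint]) ==
    normalize_fingerprint(cert_fingerprint(saml[:idp_cert]))
end

# Constructed sample: a throwaway self-signed certificate standing in for
# the identity provider's signing certificate.
def sample_cert_base64
  key  = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=constructed-idp")
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  Base64.strict_encode64(cert.to_der)
end

if __FILE__ == $PROGRAM_NAME
  b64 = sample_cert_base64
  saml = { idp_cert: b64, idp_cert_fingerprint: cert_fingerprint(b64) }
  puts "fingerprint: #{saml[:idp_cert_fingerprint]}"
  puts "settings consistent: #{idp_cert_settings_consistent?(saml)}"
end
```

Run against a real `saml.rb`, the inputs would be the `config.saml` hash values and the signing certificate exported from the identity provider's realm.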

...