Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-101721

Encrypted assertions are not read when creating a new user on SP

    Details

      Description

      Steps to reproduce:

      1. Configure two Liferay 7.2 GA1 Liferay instances with the plugin Liferay Connector to SAML 2.0 (version 5.0.0) in order to have one as an Identity provider and the other one as a Service Provider
        Checkpoint: you are able to connect from the SP with a user that only exist in the Idp, the user is imported successfully and the login is successfully done in both instances.
      2. Create an Encryption Certificate and Private Key in the Service provider`s general tab
      3. Update the SP entry registered in the Identity Provider instance (Service Provider Connections tab) in order enable the 'Force Encryption' option.
      4. Create a new user on the IDP instance
      5. Try to log in with the new user (which only exists within the IDP) on the SP instance

       Expected result: you are able to connect from the SP with a user that only exist in the Idp, the user is imported successfully and the login is successfully done in both instances (SP,IDP).
      Side note: if you try to log in from the SP with a user that was already imported in the past, the log in is successfully done in both instances, this is "only" not working with new users which are only existing on the IDP instance.
       Actual result: The user is not imported successfully and the sign in is only done in the Identity Provider
      ERROR is thrown in the log:
      2019-08-05 11:47:37.703 ERROR [http-nio-8080-exec-1][BaseSamlStrutsAction:59] Screen name must not be null for user 35544

       

      The issue is caused by the DefaultUserResolver not reading encrypted assertions.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  15 weeks, 1 day ago

                  Packages

                  Version Package
                  7.1.X
                  7.2.X
                  7.2.1 CE GA2
                  Master