Affects Version/s: 7.0.X, 7.1.X, 7.2.10 DXP FP9, 7.2.X, 7.3.X, 7.3.10 DXP GA1, Master
Component/s: Application Security > OpenID Connect
Steps to reproduce - environment setup
- Configure Liferay cluster with two tomcat nodes.
- Edit $TOMCAT_HOME/conf/server.xml of each node and configure the HTTP ports to "8080" and "8180", the shutdown ports to 8005 and 8105
- Activate session replication at tomcat level:
- Edit $TOMCAT_HOME/conf/server.xml of each node and inside Engine tag, add following text:
- Edit $TOMCAT_HOME/conf/context.xml of each node and inside Context tag, add following text:
- Edit $TOMCAT_HOME/webapps/ROOT/WEB-INF/web.xml and immediately following the <web-app> tag (inside the tag), add the tag <distributable />
- Edit $TOMCAT_HOME/conf/logging.properties and add the following lines.
- Also add cluster.org.apache.juli.FileHandler to handlers section at the beggining of the file.
- Configure the portal nodes with remote Elasticsearch by creating an com.liferay.portal.search.elasticsearch7.configuration.ElasticsearchConfiguration file in LIFERA_HOME/osgi/configs with content:
- Set the following in portal-ext.properties on each node:
Steps to reproduce
- Start Elasticsearch
- Start first tomcat node and wait until startup finish
- Start second tomcat node and wait until startup finish
- Enable OpenID Connect authentication
- Login via OpenID Connect: Click Sign In > OpenID Connect > Choose you OpenID provider and click Sign In
- Check ha.2021-xx-xx.log of both nodes:
: No error is logged
: On the node when login happens the following is logged:
On the other node, where the session is replicated to, the following is logged: