Details

      Description

      Notes

      1. Set the different virtual hosts as below as an example

      127.0.0.1 www.bbb.com (For IDP)

      127.0.0.1 www.sp.com (For SP)

      2. Using the test test user in this test. Make sure the user share the same password in IDP and SP

      Reproduction Steps

      Configure the first Liferay bundle as IDP

      1. Start the server. When signing in, DO NOT flag the Remember Me
      2. Navigate to the Admin > Control Panel > SAML Admin
      3. Navigate to the General tab, enter the following:
        1. SAML Role (Required): Identity Provider
        2. Entity ID (Required): samlidp
      4. Click save
      5. In the certificate and Private Key section, enter the following:
        1. Common Name (Required): Liferay Support
        2. Organization (Required): Liferay
        3. Organization Unit: (leave blank)
        4. Locality: (leave blank)
        5. State: (leave blank)
        6. Country: USA
        7. Validity (days) (Required): 356
        8. Key Algorithm: RSA
        9. Key Length (Bits): 2048
        10. Key Password (Required): samlidp
      6. Click Save
      7. Check the” Enabled” check box and click Save
      8. In the Control Panel >SAML Admin, click the Identity Provider 
      9. Make sure the” Sign Metadata” and ”Require Authn Required Signature” is checked

      Configure the second Liferay bundle as SP

      1. Change the port number to 7080 for this SP bundle
      2. Start the server. Remember when signing in, DO NOT flag the Remember Me checkbox
      3. Navigate to the Control Panel > SAML Admin
      4. Under the General tab, enter the following:
        1. SAML Role: Service Provider
        2. Entity ID (Required): samlsp
      5. Click Save.
      6. In the Certificate and Private Key section, enter the following:
        1. Common Name: Liferay Support
        2. Organization: Liferay
        3. Organization Unit: {leave blank}
        4. Locality: {leave blank}
        5. State: {leave blank}
        6. Country: USA
        7. Validity (days)(Required): 356
        8. Key Algorithm: RSA
        9. Key Length (Bits): 2048
        10. Key Password (Required): samlsp
      7. Click save
      8. Click the Identity Provider Connection Enter the following:
        1. Name (Required): samlidp
        2. Entity ID: samlidp
        3. Check the “Enabled” option
        4. Metadata URL: http://www.bbb.com:8080/c/portal/saml/metadata 
        5. Select "Email Address" from the Name Identifier Format drop-down menu
        6. Click save
      9. Click the General 
      10. Check the "Enabled", then Click Save

      Go back to the first Liferay bundle configured as the IdP

      1. Navigate to the Control Panel > SAML Admin
      2. Click the Service Provider Connections
      3. Click the Add Service Provider 
      4. Enter the following:
        1. Name: samlsp
        2. Entity ID: samlsp
        3. Check the "Enabled" 
        4. Assertion Lifetime: 1800
        5. Metadata URL: http: //www.sp.com:7080/c/portal/saml/metadata 
        6. Name Identifier Format: Email Address
        7. Name Identifier Attribute Name: emailAddress
      5. Click Save

      To test IdP initiated SLO

      1. Open a new browser tab with the IdP (http://www.bbb.com:8080/), login with the test test user
      2. Open a new browser tab with the SP (http://www.sp.com:7080), login with the test test user
      3. Click Sign Out in the IdP to trigger the SLO, the IdP can be logged out successfully
      4. Navigate to the SP's browser window and refresh the page

      Expected Behavior: The SP is logged out as well

      Actual Behavior: The SP is not logged out

      Reproduced In

      Master: 297382fe7675b872c21feaa3d0945784d6a0b72d

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              support-lep@liferay.com SE Support
              Reporter:
              aaron.wang Aaron Wang (Inactive)
              Participants of an Issue:
              Recent user:
              Sophia Zhang
              Engineering Assignee:
              Marta Medio (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                34 weeks, 4 days ago

                  Packages

                  Version Package
                  7.3.7 CE GA8
                  7.3.X
                  7.4.0 CE GA1 DXP 7,4
                  7.4.13 DXP GA1
                  Master