Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-38254

Problem to send signed AuthnRequest messages

    Details

      Description

      I would like to enable signed AuthnRequest messages for the SAML Portlet. I've already set the saml.sp.sign.authn.request property in portal-ext.properties to true and the http://localhost:8080/c/portal/saml/metadata metadata correctly shows <md:SPSSODescriptor AuthnRequestsSigned="true" ...

      However, the sent AuthnRequest is still not being signed. I already debugged and found out that the outboundSAMLMessageSigningCredential in the samlMessageContext is correctly set. I think one reason for this problem is that when I click on the Sign In link, the HTTP-Redirect Binding is used which obviously does not support signatures because of the limited URL length.

      Hence, I've set the IDP metadata to HTTP-Post in order to force Liferay to use POST binding. However, I get an Exception when I click on Sign In because LR wants to use HTTP-Redirect and this is not allowed anymore due to this changed config. So, on one hand, there seems to be no support for HTTP-POST binding for AuthnRequest, yet. But on the other hand, there is this saml.sp.sign.authn.request property which should enable AuthnRequest signing.

      Best Regards from UBL, Neu-Isenburg, Germany.

        Attachments

          Activity

            People

            Assignee:
            justin.choi Justin Choi (Inactive)
            Reporter:
            daya.bethmage Daya Bethmage
            Participants of an Issue:
            Recent user:
            Esther Sanz
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              7 years, 38 weeks, 2 days ago

                Packages

                Version Package
                6.1.X EE
                6.2.0 CE B1