  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-52959

No SAMLRequest error results when using SAML v1.0.0 with Weblogic

    Details

      Description

      1. Install SAML plugin v1.0.0 as IDP on Weblogic/Liferay

      a. Create a keystore for the IDP with the command:

      keytool -genkeypair -alias samlidp -keyalg RSA -keysize 2048 -keypass password -storepass password -keystore keystore.jks
      

      b. Copy the generated keystore.jks to the data folder for Weblogic, and override any existing ones.

      c. Set portal-ext.properties:

      saml.enabled=true
      saml.role=idp
      saml.entity.id=samlidp
      saml.require.ssl=false
      saml.sign.metadata=true
      saml.idp.authn.request.signature.required=true
      saml.keystore.path=${liferay.home}/data/keystore.jks
      saml.keystore.password=password
      saml.keystore.type=jks
      saml.keystore.credential.password[samlidp]=password
      saml.metadata.paths=http://[path to saml sp]:8080/c/portal/saml/metadata
      

      2. Install SAML plugin v1.0.0 as SP on Tomcat/Liferay

      a. Create a keystore for the IDP with the command:

      keytool -genkeypair -alias samlsp -keyalg RSA -keysize 2048 -keypass password -storepass password -keystore keystore.jks
      

      b. Copy the generated keystore.jks to the data folder for Tomcat, and override any existing ones.

      c. Set portal-ext.properties:

      ## SAML
      saml.enabled=true
      saml.role=sp
      saml.entity.id=samlsp
      saml.metadata.paths=http://[path to samlidp]:7003/c/portal/saml/metadata
      
      # Keystore
      saml.keystore.type=jk
      saml.keystore.path=${liferay.home}/data/keystore.jks
      saml.keystore.password=password
      saml.keystore.credential.password[samlsp]=password
      #Service Provider
      saml.sp.default.idp.entity.id=samlidp
      saml.sp.sign.authn.request=true
      saml.sp.assertion.signature.required=true
      saml.sp.clock.skew=3000
      #saml.sp.user.attribute.mappings=emailAddress
      

      3. Start servers

      4. Go to SP (aka tomcat), and click "Sign In" link in Liferay

      5. Attempt to login

      Result: Error message on the IDP (Full error is attached)

      11:49:46,306 ERROR [[ACTIVE] ExecuteThread: '13' for queue: 'weblogic.kernel.Default (self-tuning)'][status_jsp:685] com.liferay.saml.SamlException: org.opensaml.ws.message.decoder.MessageDecodingException: No SAMLRequest or SAMLResponse query path parameter, invalid SAML 2 HTTP Redirect message
      com.liferay.saml.SamlException: org.opensaml.ws.message.decoder.MessageDecodingException: No SAMLRequest or SAMLResponse query path parameter, invalid SAML 2 HTTP Redirect message
      	at com.liferay.saml.profile.WebSsoProfileImpl.processAuthnRequest(WebSsoProfileImpl.java:129)
      	at com.liferay.saml.profile.WebSsoProfileUtil.processAuthnRequest(WebSsoProfileUtil.java:36)
      	at com.liferay.saml.hook.action.WebSsoAction.execute(WebSsoAction.java:40)
      	at com.liferay.portal.kernel.struts.BaseStrutsAction.execute(BaseStrutsAction.java:37)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:606)
      	at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:67)
      	at com.sun.proxy.$Proxy450.execute(Unknown Source)
      	at com.liferay.portal.struts.ActionAdapter.execute(ActionAdapter.java:50)
      	at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
      	at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
      	at com.liferay.portal.struts.PortalRequestProcessor.process(PortalRequestProcessor.java:176)
      	at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
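
Added example, not part of the original report and not Liferay or OpenSAML code: a triage helper that inspects a captured SP-to-IdP redirect URL the way an HTTP-Redirect decoder would, reporting whether the `SAMLRequest` parameter arrived, whether it inflates to XML with the expected issuer, and whether the `SigAlg`/`Signature` parameters that `saml.idp.authn.request.signature.required=true` depends on are present. The host, the `/sso` path and the signature values are constructed placeholders.

```python
import base64, zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlsplit

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def encode_redirect(xml):
    """HTTP-Redirect encoding: raw DEFLATE, then base64 (urlencode adds URL-encoding)."""
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(c.compress(xml.encode()) + c.flush()).decode()

def inspect_redirect(url, signature_required=True):
    """Report what an IdP-side decoder would find in a captured redirect URL."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    report = {"has_message": False, "issuer": None, "signed": False, "problems": []}
    raw = params.get("SAMLRequest") or params.get("SAMLResponse")
    if not raw:  # the condition behind the MessageDecodingException text above
        report["problems"].append("no SAMLRequest or SAMLResponse query parameter")
        return report
    report["has_message"] = True
    try:
        data = base64.b64decode(raw[0], validate=True)
        # Cap inflated size and refuse DTDs: this value is attacker-controllable.
        xml = zlib.decompressobj(-15).decompress(data, 65536)
        if b"<!DOCTYPE" in xml:
            raise ValueError("DOCTYPE not allowed")
        root = ET.fromstring(xml)
    except (ValueError, zlib.error, ET.ParseError) as exc:
        report["problems"].append(f"undecodable message: {exc}")
        return report
    issuer = root.find("saml:Issuer", NS)
    report["issuer"] = issuer.text if issuer is not None else None
    # Presence check only; this does not verify the signature itself.
    report["signed"] = "SigAlg" in params and "Signature" in params
    if signature_required and not report["signed"]:
        report["problems"].append("SigAlg/Signature missing but signed requests are required")
    return report

# Constructed sample data (placeholders, not captured traffic).
SAMPLE_XML = ('<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
              'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed" '
              'Version="2.0"><saml:Issuer>samlsp</saml:Issuer></samlp:AuthnRequest>')
BASE = "http://idp.example:7003/sso"
SIGNED_URL = BASE + "?" + urlencode({"SAMLRequest": encode_redirect(SAMPLE_XML),
                                     "SigAlg": "constructed", "Signature": "constructed"})
UNSIGNED_URL = BASE + "?" + urlencode({"SAMLRequest": encode_redirect(SAMPLE_XML)})
STRIPPED_URL = BASE  # query string absent when the request reaches the IdP

if __name__ == "__main__":
    for name in ("SIGNED_URL", "UNSIGNED_URL", "STRIPPED_URL"):
        print(name, inspect_redirect(globals()[name]))
```

Running it against the URL recorded in a browser's network trace and against the one logged by the IdP's front end shows at which hop the parameter is lost.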
      


                  Packages

                  Version Package
                  6.1.X EE
                  6.2.X EE
                  7.0.0 M4