Affects Version/s: 7.0.X EE
Component/s: Application Security > SAML
Steps to reproduce (linux):
- Open terminal, go to root directory (/), or any other directory where current user does not have permissions to create new files
- Run /opt/liferay.git/bundles-ee-7.0.x/tomcat-8.0.32/bin/start.sh (exchange with your path to liferay.home)
Expected result: No error related to velocity.log in log files
Actual result: Stacktrace saml_error.txt can be found in the logs
On starting up a DXP instance with SAML deployed, the following error is thrown:
The full stacktrace is attached. This prevents SAML modules from registering correctly. The SAML Admin element shows up in Control Panel, but the page is blank; and even though we already have SAML settings in the database, it does not seem to be enabled.
This stems from com.liferay.saml.opensaml.integration.internal.velocity.VelocityEngineFactory.getVelocityEngine(ClassLoader), which hard-codes velocity configuration settings:
This was a problem in core, fixed several years ago by
. Solutions to similar issues found online (e.g. here) tend to revolve around changing the velocity configurations, but these configurations are hard-coded and thus not editable. LPS-17329
Core velocity configurations are editable in Control Panel at System Settings > Foundation > Velocity Engine. Ideally SAML would respect these same settings (which, by the way, default the log class to org.apache.velocity.runtime.log.SimpleLog4JLogSystem, which would also avoid this issue).
This is a blocker for us using SAML.