Details

    • Type: Feature Request Feature Request
    • Status: Closed
    • Priority: Critical Critical
    • Resolution: Duplicate
    • Affects Version/s: 6.0.5 GA
    • Fix Version/s: --Sprint 12/11, 6.1.0 CE RC1
    • Component/s: UI Infrastructure
    • Labels:
      None
    • Environment:
      PRD-349 6.x or above
    • Similar Issues:
      Show 4 results 

      Description

      integrate SAML 2.0 SSO

      Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML OASIS standard for exchanging authentication and authorization data between security domains. SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end-user) between an identity provider and a web service. SAML 2.0 enables web-based authentication and authorization scenarios including single sign-on (SSO).

      Refer to http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security

        Issue Links

          Activity

          Hide
          Oleg Cohen added a comment -

          Another option to enable Liferay SAML 2.0 SSO is to use the AssureBridge SSO adapter plugin which enables Liferay integration with the AssureBridge fully-managed, hosted SSOExchange service. For more details please visit this page: http://www.assurebridge.com/integrations/liferay-saml-single-sign-on-integration.

          Show
          Oleg Cohen added a comment - Another option to enable Liferay SAML 2.0 SSO is to use the AssureBridge SSO adapter plugin which enables Liferay integration with the AssureBridge fully-managed, hosted SSOExchange service. For more details please visit this page: http://www.assurebridge.com/integrations/liferay-saml-single-sign-on-integration .
          Hide
          Denis Vaumoron added a comment -

          Hi Mika,

          here is the patch implementing the service provider part of SAML 2.0 and 1.1 in Liferay, as we discussed earlier, this implementation support a post endpoint for assertion consumer service, a redirect endpoint for single logout and use the binding redirect for send request, but for the moment it does not support encryption, only signature. The IdP metadata location on filesystem is in portal.properties, the SP metadata are generated and can be read on server at /saml/metadata.xml. I have tested it with the IDP simpleSAMLphp and Authentic.

          Hope it help...

          Best regards,

          Denis

          Show
          Denis Vaumoron added a comment - Hi Mika, here is the patch implementing the service provider part of SAML 2.0 and 1.1 in Liferay, as we discussed earlier, this implementation support a post endpoint for assertion consumer service, a redirect endpoint for single logout and use the binding redirect for send request, but for the moment it does not support encryption, only signature. The IdP metadata location on filesystem is in portal.properties, the SP metadata are generated and can be read on server at /saml/metadata.xml. I have tested it with the IDP simpleSAMLphp and Authentic. Hope it help... Best regards, Denis
          Hide
          Denis Vaumoron added a comment -

          I forgot to mention that this patch also include LPS-14104 and LPS-14345

          Show
          Denis Vaumoron added a comment - I forgot to mention that this patch also include LPS-14104 and LPS-14345
          Hide
          Mika Koivisto added a comment -

          Thanks Denis.

          Show
          Mika Koivisto added a comment - Thanks Denis.
          Hide
          Marco Bencivenni added a comment -

          Hi Denis,

          we tryed to use your patch but we miss 4 classes:

          com.liferay.portal.model.Assertion
          com.liferay.portal.NoSuchAssertionException
          com.liferay.portal.service.base.AssertionLocalServiceBaseImpl
          com.liferay.portal.service.AssertionLocalServiceUtil

          Where can we find these classes?
          Thanks,
          Marco B

          Show
          Marco Bencivenni added a comment - Hi Denis, we tryed to use your patch but we miss 4 classes: com.liferay.portal.model.Assertion com.liferay.portal.NoSuchAssertionException com.liferay.portal.service.base.AssertionLocalServiceBaseImpl com.liferay.portal.service.AssertionLocalServiceUtil Where can we find these classes? Thanks, Marco B
          Hide
          Denis Vaumoron added a comment -

          You need to launch the service builder to generate them

          Show
          Denis Vaumoron added a comment - You need to launch the service builder to generate them
          Hide
          Michael Han added a comment -

          Duplicated ticket...EE only features

          Show
          Michael Han added a comment - Duplicated ticket...EE only features

            People

            • Votes:
              22 Vote for this issue
              Watchers:
              28 Start watching this issue

              Dates

              • Due:
                Created:
                Updated:
                Resolved:
                Days since last comment:
                3 years, 23 weeks, 5 days ago

                Development

                  Structure Helper Panel