Issue/Introduction:
I want to enable SAML SSO authentication into the UMP.
what logging to do I need to enable to be able to trouble shoot
the setup and configuration of this implementation?
Environment:
UIM 8.51 and earlier
UMP 8.51 and earlier
any SAML 2.0 integration
Resolution:
things to check:
- Before enabling SSO make sure the LDAP user testing with can log into Ump.
- Make sure you have the hub loglevel set to 3 and logsize set to 50000
- Set the wasp loglevel to 3 and logsize to 50000
- Set the below SAML logging
Unable to Process SAML Request and I am unable to log in.1. We enabled debug for SAML login:
a. Edit the file <UMP_Installation>\probes\service\wasp\webapps\ROOT\WEB-INF\classes\META-INF\portal-log4j-ext.xml.
b. Add the following sections, and save the file.
c. <category name="com.liferay.saml">
<priority value="DEBUG"/>
</category>
<category name="org.opensaml">
<priority value="DEBUG"/>
</category>
This places debug information for in the <UMP_Installation>\probes\service\wasp\portal.log.
Collect the following once a test is done
From primary
Robot.cfg
Controller.log
Hub.cfg
Hub.log
_hub.log
From ump
Wasp.cfg
Wasp.log
Portal.log
\probes\service\wasp\webapps\ROOT\WEB-INF\classes\META-INF\portal-log4j-ext.xml
\probes\service\wasp\webapps\ROOT\WEB-INF\classes\portal-ext.properties
UserID used to test SAML.
Identity provider Type and version.
Make sure they are using SAML 2.0
Screen shot of setup from identity provider.