How to Generate SAML Tracer export for Liferay Support

SAML Tracer can be a useful debugging tool for viewing SAML messages sent through the browser during single sign-on and single logout and helps with analyzing both SP- and IdP-initiated SAML flows, including viewing and exporting SAML requests and responses in various browsers.

It is a great diagnostic tool that Liferay Support may occasionally request. The following are steps that can be used to generate SAML Tracer exports depending on the browser being used.

 

Resolution

SAML Tracer Installation and Setup

  1. Install SAML-tracer or similar browser tool

    • To install for the Firefox browser, go to SAML Tracer for Firefox (by SimpleSAMLphp) and install extension.

    • To install for the Chrome browser, go to SAML Tracer for Google Chrome (by SimpleSAMLphp) and install extension.

    • Similar tools, such as SAML DevTools and SAML Chrome Panel, are available for other browsers.  As you are effectively installing software to perform a web browser man-in-the-middle attack, please exercise caution and choose tools from reputable sources.  

  2. After successful installation, access SAML Tracer through the browser menu bar by selecting Tools > SAML Tracer (or Extensions > SAML Tracer in Chrome).

  3. Navigate to the Service Provider’s site with the SAML Tracer window open.
  4. SAML-tracer will automatically begin to log HTTP requests and responses.  (You can enable 'Filter Resources' at the top to help simplify the log view.)
  5. Complete the task you wish to trace (i.e. authenticate to the SP with selected IdP)
  6. SAML requests and responses are tagged with SAML, like below.

chrome_qZq1Rcbud3.png

 

SAML Tracer Log Export

  • To export the SAML-tracer output, click on the Export button in SAML-tracer and select whether the exported file will have different cookie-filter profiles.
  • SAML-tracer will then export the file as a .JSON file to the set Downloads location.
  • Sanitize as necessary, before providing this .JSON file to Liferay Support.

chrome_ATIWy45kE8.png

 

Additional Information

 

¿Fue útil este artículo?
Usuarios a los que les pareció útil: 0 de 0