Environment
- Liferay DXP 7.0-7.4
- Liferay Connector to SAML 2.0
v3.1+
,v4.1+
,v5.x
,v6.x
,v7.x
Resolution
This sample module (^source is attached to this page) aims to provide minimal boilerplate code one can use to implement custom Liferay SAML 2.0 resolvers for:
com.liferay.saml.opensaml.integration.resolver.AttributeResolver
(extension point for Liferay DXP IdP)com.liferay.saml.opensaml.integration.resolver.NameIdResolver
(extension point for Liferay DXP IdP)com.liferay.saml.opensaml.integration.resolver.UserResolver
(extension point for Liferay DXP SP)
Each of the custom resolvers sets a higher service.ranking
as a @Component property in order to ensure that the custom resolvers will be used over the default ones shipped with Liferay's SAML 2.0 connector.
Dependencies
License: Liferay DXP developer or production license.
Source: (Optional) You can download the Maven-style source JARs of the Liferay Connector to SAML 2.0 modules through your Purchased Apps page from Liferay Marketplace or request it through Liferay Support by opening a ticket if you don't find the source of a given version.
Compile: See build.gradle
in the attached source.
Notes:
- You need to extract
com.liferay.saml.opensaml.integration-x.y.z.jar
from the Liferay Connector to SAML 2.0.lpkg (you can download it from Marketplace) and put it into a folder calledlibs
created in the module's root folder.- On DXP 7.4, this artifact is also available in Liferay's Nexus repository so it is enough to simply reference it with the proper groupId/artifactId/version information just like any other dependencies.
- Version
3.0.14
ofcom.liferay.saml.persistence.api
used in this sample is included in Liferay Connector to SAML 2.0v5.0.1
and is available in Liferay's Nexus repository. This was the latest available release at the time of writing. If you are using a newer version of the SAML 2.0 connector, you will need to adjust the version of the dependencies accordingly. Alternatively, you can extract it from Liferay Connector to SAML 2.0.lpkg and have it in thelibs
folder. In this case, you can remove the explicit dependency frombuild.gradle
.
Runtime:
- Liferay DXP 7.2
SP2+/FP5+
- Liferay Connector to SAML 2.0
v5.0.1
Note: the customization method should be the same for previous versions of the Liferay Connector to SAML 2.0, as well (4.1+
for DXP 7.1 and 3.1+
for DXP 7.0). You just need to update the dependencies accordingly.
Build
- Download and unzip the ^source attached to this page
- Place the module's source into the
modules
folder of your Liferay Workspace or use Liferay Developer Studio - Run
gradlew deploy
orgradlew assemble
.
Deploy
- Place Liferay Connector to SAML 2.0.lpkg into
[Liferay Home]/osgi/marketplace
- Place
com.liferay.custom.saml.resolvers-x.y.z.jar
produced by the build into[Liferay Home]/osgi/deploy
- Start Liferay DXP
You should see log messages in the console like these:
2020-09-09 13:05:15.073 INFO [Refresh Thread: Equinox Container: 20022c4f-8479-4d66-a8fc-dcfe51951f12][BundleStartStopLogger:46] STARTED com.liferay.custom.saml.resolvers_3.0.30 [718]
2020-09-09 13:05:15.076 DEBUG [Refresh Thread: Equinox Container: 20022c4f-8479-4d66-a8fc-dcfe51951f12][CustomAttributeResolver:64] Activated
2020-09-09 13:05:15.076 DEBUG [Refresh Thread: Equinox Container: 20022c4f-8479-4d66-a8fc-dcfe51951f12][CustomAttributeResolver:67] Default resolver: class com.liferay.saml.opensaml.integration.internal.resolver.DefaultAttributeResolver
2020-09-09 13:05:15.077 DEBUG [Refresh Thread: Equinox Container: 20022c4f-8479-4d66-a8fc-dcfe51951f12][CustomNameIdResolver:71] Activated
2020-09-09 13:05:15.078 DEBUG [Refresh Thread: Equinox Container: 20022c4f-8479-4d66-a8fc-dcfe51951f12][CustomNameIdResolver:74] Default resolver: class com.liferay.saml.opensaml.integration.internal.resolver.DefaultNameIdResolver
2020-09-09 13:05:15.079 DEBUG [Refresh Thread: Equinox Container: 20022c4f-8479-4d66-a8fc-dcfe51951f12][CustomUserResolver:66] Activated
2020-09-09 13:05:15.079 DEBUG [Refresh Thread: Equinox Container: 20022c4f-8479-4d66-a8fc-dcfe51951f12][CustomUserResolver:68] Default resolver: class com.liferay.saml.opensaml.integration.internal.resolver.DefaultUserResolver
Testing
As a quick test, you can create two Virtual Instances in your Liferay DXP installation and configure them as a SAML IdP and SP respectively. When the sample module is deployed, you should see the following log messages in Liferay DXP's console upon authenticating a user:
2020-09-09 12:00:13.051 DEBUG [http-nio-7211-exec-6][CustomNameIdResolver:51] Resolving
2020-09-09 12:00:28.846 DEBUG [http-nio-7211-exec-6][CustomAttributeResolver:48] Resolving
2020-09-09 12:00:30.356 DEBUG [http-nio-7211-exec-10][CustomUserResolver:46] Resolving