Liferay Connector to SAML 2.0

  • Enterprise Subscribers Only: Find out how to get a subscription.

Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML OASIS standard for exchanging authentication and authorization data between security domains. SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between an identity provider and a web service. SAML 2.0 enables web-based authentication and authorization scenarios, including single sign-on (SSO).

This app enables Liferay to act as a SAML 2.0 Identity Provider (IdP) or Service Provider (SP). It is built on top of OpenSAML and uses the Java Keystore to supply the certificates and credentials used for security. Once this app is installed, additional configuration is required to adapt the app to your local SAML environment. Visit the Documentation link to learn more about SAML and its configuration options.

Supported SAML Providers: PingFederate, ADFS, Shibboleth, Siteminder and OpenAM.

Fix Pack Requirements:

  • Liferay Connector to SAML 2.0 2.1.3 requires the installation of the Liferay Portal 6.2 EE Portal-154 Fix Pack or higher.
  • Liferay Connector to SAML 2.0 3.1.2 requires the installation of the Liferay Digital Enterprise 7.0 Fix Pack 90 or higher.
  • Liferay Connector to SAML 2.0 4.0.0+ requires the installation of the Liferay DXP 7.1 Fix Pack 3 or higher.

Latest Changes

  • LPS-80054 Generated create methods should be marked as non-transactional
  • LPS-80184 Unable to use ServiceBuilder across multiple directories on the same machine
  • LPS-80332 Add suite bnd bundle instruction
  • LPS-80459 SAML SLO doesn't show server name, JSP cannot compile on 6.1.20
  • LPS-80517 GREEDY @Reference must also be DYNAMIC to prevent tons of meaningless component activation/deactivation whi...
  • LPS-80661 Cannot log in to SAML after upgrading from version 3.0.0 to 3.1.0 or 3.1.1 - com.liferay.saml.runtime.SamlE...
  • LPS-80723 ServiceBuilder's convert-null property is ignored in CacheModel
  • LPS-81106 Update SF to apply commercial copyright for private apps
  • LPS-81555 Use enhanced for-loop when iterating over arrays or collections when possible
  • LPS-81704 FinderCache doesn't work properly when using null values in a null convertible string column (for all cases)
  • LPS-81706 Count* and related fetch* methods are returning inconsistent results when using null values in a null conve...
  • LPS-82261 Improve Hibernate model property wiring performance
  • LPS-82343 Consolidate language keys
  • LPS-82828 Simplify deprecation javadoc by using release code name instead of version
  • LPS-83403 Unable to relogin after setting SAML IdP and SP
  • LPS-84119 SourceFormatter improvements
  • LPS-84181 Apply Petra-String StringBundler to leftover modules which does not contain usages in APIs
  • LPS-84540 Missing NameID format causes NullPointerException
  • LPS-85052 Upgrade to opensaml 3.0 library
  • LPS-85296 Clean up @Component annotation
  • LPS-85657 SAML Login with multiple sites and virtual hosts not working correctly
  • LPS-85849 dynamicQuery methods should be annotated with @Transactional(readOnly=true)
  • LPS-86072 Stop using Struts' plugin support
  • LPS-86237 Sync slf4j-api versions
  • LPS-86408 Set default Java version to 1.8 for OSGi projects
  • LPS-86776 SingleLogoutProfileIntegrationTest assertion fails
  • LPS-86806 Create Java Parser
  • LPS-86944 Unable to shutdown portal configured with SAML using shutdown.sh
  • LPS-87885 Prepare 7.2.0 Service Builder DTD
  • LPS-88170 Service Builder Generated Class possibility of Syntax Error
  • LPS-88181 Pull up fetchByPrimaryKeys() from generated PersistenceImpls to BasePersistenceImpl
  • LPS-88218 Commonly used JSON methods
  • LPS-88302 Using SAML with LDAP import over secure connection to the LDAP server causes java.lang.ClassNotFoundExcepti...
  • LPS-88665 Create internal functional attribute getter and setter methods and to duplication in generated models
  • LPS-88823 Reduce duplication in generated ModelWrappers
  • LPS-88852 Support managing multiple IdPs on SP admin UI
  • LPS-88853 Upgrade login process to support multiple SAML IdPs
  • LPS-88923 Encrypt assertion using peer's metadata encryption information
  • LPS-88924 Create credentials for encryption
  • LPS-89063 Render local login portlet when no IdP is matched
  • LPS-89288 Remove portal-kernel-compat modules
  • LPS-89445 Uuid column bitmasks are never used by ServiceBuilder
  • LPS-89456 Keyword "system" should be escaped for MySQL 8.0
  • LPS-89567 StagedAuditedModel is not found when using service builder
  • LPS-89909 SAML System Settings appear under the "Other" section instead of "SSO"
  • LPS-90008 Exceptions incorrectly logged when operator NOT is used in a statement
  • LPS-90460 User is no longer able to access the SAML SP after changing the SAML metadata refresh interval
  • LPS-90465 User info doesn't update on the SAML Service Provider after changing it on the Identity Provider
  • LPS-90523 Remove useless interface methods for 7.2 and later when generating from service builder
  • LPS-90700 SPI to control IdP selection
  • LPS-91342 Clean JAX-RS without RestBuilder (remove apio and port bulk-rest)
  • LPS-91343 Integrate portal-tools-java-parser with ServiceBuilder
  • LPS-91420 Integrate portal-tools-java-parser with SourceFormatter
  • LPS-91450 IdP should be able to mandate that SPs provide an encryption certificate
  • LPS-91847 Need ability on SAML to map user attributes to service provider intended values in the assertion
  • LPS-91918 SAML Administration Page shouldn't create SHA-1 certificates
  • LPS-91970 Service Builder adds columns with db-column name as badColumnNames even if db-name is valid
  • LPS-92430 Deleting encryption certificate doesn't actually delete it from the keystore
  • LPS-92511 Remove com/liferay/frontend/taglib/clay/servlet/taglib/util/SafeConsumer.java
  • LPS-94445 SAML SLO fails when LDAP is enabled and throws NullPointerException
  • LPS-95067 Deprecate ServiceTrackerFactory.open(Class<?>) since it leaks ServiceTrackers
  • LPS-95317 SAML session expiration causes IdP portal session to expire
  • LPS-95413 Remove lib/development/biz.aQute.bnd.jar
  • LPS-95555 Unify osgi.core versions in build.gradle files
  • LPS-95705 Allow non admin user to use Analytics Cloud in DXP
  • LPS-96018 Optimize Proxy creation
  • LPS-96095 Sync compileOnly dependency versions
  • LPS-96481 Turn on disabled Source Formatter checks and apply across private repos and subrepos
  • LPS-96830 Avoid initialization of _escapedModelProxyProviderFunction when not needed
  • LPS-96982 User's portrait is lost when utilizing SAML
  • LPS-97169 Deprecated CompanyProvider and remove its usages
  • LPS-97256 Upgrade the Jodd Json library to at least version 3.6.8
  • LPS-97722 Typo in SAML KeyStoreManager System Settings
  • LPS-97985 Update linting set-up in master-private
  • LPS-98032 Reactivate .jsp formatting
  • LPS-98198 Clean up export packages in bnd
  • LPS-98728 Sync xml-apis version
  • LPS-98877 Sync portlet-api version
  • LPS-98879 Sync servlet-api versions
  • LPS-99252 Change retrieveFromCache persistence variable to useFinderCache
  • LPS-99657 Enforce consistency for packages
  • LPS-99919 Remove support of terracotta
  • LRCI-699 Semantic ver and modules semantic versioning are failing on dxp profiles
  • LRDOCS-6300 Remove inaccessible class references from Javadoc of generated classes
  • LRDOCS-8120 Javadoc: Don't tell API consumers to use the LocalServiceUtil
  • LRQA-44442 Ignore failing tests
  • LRQA-45313 ReleaseInfo - 7.2 M1
  • LRQA-46618 Build SAML only on private repos
  • LRQA-51488 Clarifying strings
  • LRQA-53482 Use reflectionTestUtil to activate/deactivate bundles in test modules since they are now protected