Advait Trivedi 10 Years Ago Hi Ankit,Thanks for the post.I have a question though, we dont require to add property "saml.metadata.paths" in SP configuration? Also, if not, then I would appreciate if you can shed some light on how SP gets hold of metadata.Thanks,Advait Please sign in to reply. Reply as... Cancel Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Thanks for figuring it out. I missed that property and modified accordingly now.Thanks:Ankit Please sign in to reply. Reply as... Cancel Advait Trivedi Ankit Srivastava 10 Years Ago Thanks Ankit.I saw steps in your post, but I didn't find any step where you get the metadata XML from okta. Can you please provide that detail?Thanks,Advait Please sign in to reply. Reply as... Cancel Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Please refer step 7 to get metadata xml.Thanks:Ankit Please sign in to reply. Reply as... Cancel Advait Trivedi Ankit Srivastava 10 Years Ago Hey Ankit,What is will be the keep alive URL config property for SP?Also, is there any documentation where we can read how keep alive url is used by SP?Thanks,Advait Please sign in to reply. Reply as... Cancel Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Please refer SessionKeepAliveAction.java in SAML plugin. Here you can find how its being used in Idp and SP both.Thanks:Ankit Please sign in to reply. Reply as... Cancel Rahul Jaiswal Ankit Srivastava 9 Years Ago Hi Ankit,Thanks for sharing this great stuff. I configured my local liferayt instance as SP. It is now working great with Okta.But I am running into one issue. After log-in via okta, sign-out is not working. When I click on sign-out button, it is redirecting through /c/portal/logout ---> /web/guest/home Session remains alive and never getting expire. Please sign in to reply. Reply as... Cancel Advait Trivedi Rahul Jaiswal 9 Years Ago @Ankit,I think OKTA doesn't support SingleLogout (SLO), if you check your SAML assertion in SAML Trace Firefox plugin you will see that SLO info is missing. So I guess, you will have to manually clean up SAML session without relying on assertions from OKTA (which is not good I think). Please sign in to reply. Reply as... Cancel Praveen Singh Bais Rahul Jaiswal 8 Years Ago Hey Rahul,Did you get a solution to this problem ? We are also facing the same issue. Please help if you have already solved it.Thanks Please sign in to reply. Reply as... Cancel Debanjan Hazra Rahul Jaiswal 3 Years Ago - Edited Did u resolve it? Please sign in to reply. Reply as... Cancel
Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Thanks for figuring it out. I missed that property and modified accordingly now.Thanks:Ankit Please sign in to reply. Reply as... Cancel Advait Trivedi Ankit Srivastava 10 Years Ago Thanks Ankit.I saw steps in your post, but I didn't find any step where you get the metadata XML from okta. Can you please provide that detail?Thanks,Advait Please sign in to reply. Reply as... Cancel Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Please refer step 7 to get metadata xml.Thanks:Ankit Please sign in to reply. Reply as... Cancel Advait Trivedi Ankit Srivastava 10 Years Ago Hey Ankit,What is will be the keep alive URL config property for SP?Also, is there any documentation where we can read how keep alive url is used by SP?Thanks,Advait Please sign in to reply. Reply as... Cancel Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Please refer SessionKeepAliveAction.java in SAML plugin. Here you can find how its being used in Idp and SP both.Thanks:Ankit Please sign in to reply. Reply as... Cancel Rahul Jaiswal Ankit Srivastava 9 Years Ago Hi Ankit,Thanks for sharing this great stuff. I configured my local liferayt instance as SP. It is now working great with Okta.But I am running into one issue. After log-in via okta, sign-out is not working. When I click on sign-out button, it is redirecting through /c/portal/logout ---> /web/guest/home Session remains alive and never getting expire. Please sign in to reply. Reply as... Cancel Advait Trivedi Rahul Jaiswal 9 Years Ago @Ankit,I think OKTA doesn't support SingleLogout (SLO), if you check your SAML assertion in SAML Trace Firefox plugin you will see that SLO info is missing. So I guess, you will have to manually clean up SAML session without relying on assertions from OKTA (which is not good I think). Please sign in to reply. Reply as... Cancel Praveen Singh Bais Rahul Jaiswal 8 Years Ago Hey Rahul,Did you get a solution to this problem ? We are also facing the same issue. Please help if you have already solved it.Thanks Please sign in to reply. Reply as... Cancel Debanjan Hazra Rahul Jaiswal 3 Years Ago - Edited Did u resolve it? Please sign in to reply. Reply as... Cancel
Advait Trivedi Ankit Srivastava 10 Years Ago Thanks Ankit.I saw steps in your post, but I didn't find any step where you get the metadata XML from okta. Can you please provide that detail?Thanks,Advait Please sign in to reply. Reply as... Cancel Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Please refer step 7 to get metadata xml.Thanks:Ankit Please sign in to reply. Reply as... Cancel
Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Please refer step 7 to get metadata xml.Thanks:Ankit Please sign in to reply. Reply as... Cancel
Advait Trivedi Ankit Srivastava 10 Years Ago Hey Ankit,What is will be the keep alive URL config property for SP?Also, is there any documentation where we can read how keep alive url is used by SP?Thanks,Advait Please sign in to reply. Reply as... Cancel Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Please refer SessionKeepAliveAction.java in SAML plugin. Here you can find how its being used in Idp and SP both.Thanks:Ankit Please sign in to reply. Reply as... Cancel Rahul Jaiswal Ankit Srivastava 9 Years Ago Hi Ankit,Thanks for sharing this great stuff. I configured my local liferayt instance as SP. It is now working great with Okta.But I am running into one issue. After log-in via okta, sign-out is not working. When I click on sign-out button, it is redirecting through /c/portal/logout ---> /web/guest/home Session remains alive and never getting expire. Please sign in to reply. Reply as... Cancel Advait Trivedi Rahul Jaiswal 9 Years Ago @Ankit,I think OKTA doesn't support SingleLogout (SLO), if you check your SAML assertion in SAML Trace Firefox plugin you will see that SLO info is missing. So I guess, you will have to manually clean up SAML session without relying on assertions from OKTA (which is not good I think). Please sign in to reply. Reply as... Cancel Praveen Singh Bais Rahul Jaiswal 8 Years Ago Hey Rahul,Did you get a solution to this problem ? We are also facing the same issue. Please help if you have already solved it.Thanks Please sign in to reply. Reply as... Cancel Debanjan Hazra Rahul Jaiswal 3 Years Ago - Edited Did u resolve it? Please sign in to reply. Reply as... Cancel
Ankit Srivastava Advait Trivedi 10 Years Ago Hi Advait,Please refer SessionKeepAliveAction.java in SAML plugin. Here you can find how its being used in Idp and SP both.Thanks:Ankit Please sign in to reply. Reply as... Cancel Rahul Jaiswal Ankit Srivastava 9 Years Ago Hi Ankit,Thanks for sharing this great stuff. I configured my local liferayt instance as SP. It is now working great with Okta.But I am running into one issue. After log-in via okta, sign-out is not working. When I click on sign-out button, it is redirecting through /c/portal/logout ---> /web/guest/home Session remains alive and never getting expire. Please sign in to reply. Reply as... Cancel Advait Trivedi Rahul Jaiswal 9 Years Ago @Ankit,I think OKTA doesn't support SingleLogout (SLO), if you check your SAML assertion in SAML Trace Firefox plugin you will see that SLO info is missing. So I guess, you will have to manually clean up SAML session without relying on assertions from OKTA (which is not good I think). Please sign in to reply. Reply as... Cancel Praveen Singh Bais Rahul Jaiswal 8 Years Ago Hey Rahul,Did you get a solution to this problem ? We are also facing the same issue. Please help if you have already solved it.Thanks Please sign in to reply. Reply as... Cancel Debanjan Hazra Rahul Jaiswal 3 Years Ago - Edited Did u resolve it? Please sign in to reply. Reply as... Cancel
Rahul Jaiswal Ankit Srivastava 9 Years Ago Hi Ankit,Thanks for sharing this great stuff. I configured my local liferayt instance as SP. It is now working great with Okta.But I am running into one issue. After log-in via okta, sign-out is not working. When I click on sign-out button, it is redirecting through /c/portal/logout ---> /web/guest/home Session remains alive and never getting expire. Please sign in to reply. Reply as... Cancel Advait Trivedi Rahul Jaiswal 9 Years Ago @Ankit,I think OKTA doesn't support SingleLogout (SLO), if you check your SAML assertion in SAML Trace Firefox plugin you will see that SLO info is missing. So I guess, you will have to manually clean up SAML session without relying on assertions from OKTA (which is not good I think). Please sign in to reply. Reply as... Cancel Praveen Singh Bais Rahul Jaiswal 8 Years Ago Hey Rahul,Did you get a solution to this problem ? We are also facing the same issue. Please help if you have already solved it.Thanks Please sign in to reply. Reply as... Cancel Debanjan Hazra Rahul Jaiswal 3 Years Ago - Edited Did u resolve it? Please sign in to reply. Reply as... Cancel
Advait Trivedi Rahul Jaiswal 9 Years Ago @Ankit,I think OKTA doesn't support SingleLogout (SLO), if you check your SAML assertion in SAML Trace Firefox plugin you will see that SLO info is missing. So I guess, you will have to manually clean up SAML session without relying on assertions from OKTA (which is not good I think). Please sign in to reply. Reply as... Cancel
Praveen Singh Bais Rahul Jaiswal 8 Years Ago Hey Rahul,Did you get a solution to this problem ? We are also facing the same issue. Please help if you have already solved it.Thanks Please sign in to reply. Reply as... Cancel
Debanjan Hazra Rahul Jaiswal 3 Years Ago - Edited Did u resolve it? Please sign in to reply. Reply as... Cancel
Montoo Garg 9 Years Ago Hi Ankit,Is it possible to test Liferay Portal SSO with-okta without exposing Liferay Portal URL over the internet? Liferay Portal is installed behind company firewall.Thanks,Montoo Garg Please sign in to reply. Reply as... Cancel
Vishnudas Lokhande 8 Years Ago Hi Ankit ,1 . Make sure you create same user in Liferay and OKTA for basic setup.I have question here , what if the user is not available in portal and it is there in the Okta.Does SAML imports and creates the user in Portal?In this case how can we proceed? Please sign in to reply. Reply as... Cancel Ankit Srivastava Vishnudas Lokhande 8 Years Ago Hi Vishnudas,If user is not available in Liferay portal and available in Idp, It will create that user in portal but make sure attribute mapping is correct. Please sign in to reply. Reply as... Cancel
Ankit Srivastava Vishnudas Lokhande 8 Years Ago Hi Vishnudas,If user is not available in Liferay portal and available in Idp, It will create that user in portal but make sure attribute mapping is correct. Please sign in to reply. Reply as... Cancel