1. Home
  2. Development
  3. RE: Liferay DXP login through ADFS

RE: Liferay DXP login through ADFS

sree p, modified 5 Years ago.
Liferay DXP login through ADFS
Junior Member Posts: 91 Join Date: 10/3/19 Recent Posts
Hello, I want to do login Authentication through ADFS for Liferay DXP, Can you please provided instructions how to make that SSO implementation between ADFS & Liferay EE
thumbnail
David H Nebinger, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Liferay Legend Posts: 14933 Join Date: 9/2/06 Recent Posts
ADFS is nothing more than branded LDAP.

Follow the instructions to set up LDAP for authentication and you'll be all set.
thumbnail
Christoph Rabel, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Liferay Legend Posts: 1555 Join Date: 9/24/09 Recent Posts
ADFS isn't AD, it is something different.
https://en.wikipedia.org/wiki/Active_Directory_Federation_Services
sree p, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Junior Member Posts: 91 Join Date: 10/3/19 Recent Posts
David, what ever you said is wrong, may be you did not understand my question.
thumbnail
David H Nebinger, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Liferay Legend Posts: 14933 Join Date: 9/2/06 Recent Posts
Sorry, Sree, you and Christoph are right, I was quick-reading it and stopped at AD...

You'd need to use SAML for the SSO authentication using ADFS, but I don't think that is offered in CE.

There's no "native" ADFS authentication support in Liferay.
thumbnail
Christoph Rabel, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Liferay Legend Posts: 1555 Join Date: 9/24/09 Recent Posts
I never got to try it, but you should be able to use the SAML2 connector of DXP.
https://web.liferay.com/de/marketplace/-/mp/application/15188711
If you try it that way, I would be interested if that works without issues.
sree p, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Junior Member Posts: 91 Join Date: 10/3/19 Recent Posts
Chris, I want to use IDP as ADFS , let's say If I hit Liferay protected resources then it has to route to ADFS url once my credential passed then that ADFS has to redirect to Liferay protected resource.
thumbnail
Christoph Rabel, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Liferay Legend Posts: 1555 Join Date: 9/24/09 Recent Posts
Yes, I understand. But to do that, you need to use SAML2.
sree p, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Junior Member Posts: 91 Join Date: 10/3/19 Recent Posts
Chris, can you please let me details about that , I know about saml2. But let me know the details steps for ADFS & Liferay dxp
thumbnail
Christoph Rabel, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Liferay Legend Posts: 1555 Join Date: 9/24/09 Recent Posts
Sorry, I have never done this. I really can't tell you any steps/details.
You have to download the SAML2 module and then configure it. ADFS also should have some configuration page for SAML2. Maybe there are some general guides on ADFS/SAML2 that help you.
sree p, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Junior Member Posts: 91 Join Date: 10/3/19 Recent Posts
it seems Liferay does not have proper information about this,  it's nightmare to Liferay customers
thumbnail
David H Nebinger, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Liferay Legend Posts: 14933 Join Date: 9/2/06 Recent Posts
There is plenty of documentation for using SAML with Liferay as the SP as well as with the IdP (although that is not what you need).

SAML is a standard and is about connecting pieces that conform to the standard, but that doesn't mean that every SP needs to or can document every possible SAML-based IdP solution.

You're going to have to do some work on this, Sree. Set up ADFS as a SAML IdP ala a page like this: https://support.zendesk.com/hc/en-us/articles/203663886-Setting-up-single-sign-on-using-Active-Directory-with-ADFS-and-SAML

Then connect Liferay as a SAML SP like this: https://help.liferay.com/hc/en-us/articles/360028711032-Authenticating-Using-SAML and https://help.liferay.com/hc/en-us/articles/360028711052-Setting-up-Liferay-DXP-as-a-SAML-Service-Provider

The rest is going to be on you.
sree p, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Junior Member Posts: 91 Join Date: 10/3/19 Recent Posts
Thanks David
sree p, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Junior Member Posts: 91 Join Date: 10/3/19 Recent Posts
Chrish , Do I need to download saml2 in liferay and what configuration I have to do on liferay side ?  and what we have to do on ADFS side ?
thumbnail
Jamie Sammons, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Expert Posts: 367 Join Date: 9/5/14 Recent Posts
Here is our documentation for configuring SAML2 with Liferay DXP: https://help.liferay.com/hc/en-us/articles/360028711032-Authenticating-Using-SAML

Unfortunately we don't have much experience with ADFS since it's a 3rd party integration. I did find a blog post that may help though: https://liferay.dev/blogs/-/blogs/adfs-liferay-dxp-integration
sree p, modified 5 Years ago.
RE: Liferay DXP login through ADFS
Junior Member Posts: 91 Join Date: 10/3/19 Recent Posts
thanks so much Jamie, your response give me a good idea to move on this integration.