Message Boards

Why is the SAML SingleLogoutProfileImpl class not being executed???

thumbnail
Clint Wilde, modified 3 Years ago.

Why is the SAML SingleLogoutProfileImpl class not being executed???

Junior Member Posts: 39 Join Date: 3/5/13 Recent Posts
​I have liferay DXP set up as an IDP with the latest SAML connector on my laptop, and I am using https://samltest.id/ as the SP for testing purposes.  I want to extend the class com.liferay.saml.opensaml.integration.internal.servlet.profile.SingleLogoutProfileImpl and add some logging to the processIdpLogout() method. 
However, I have been unable to get the SingleLogoutProfileImpl class to be executed when I go to /c/portal/logout.  My understanding is that when SAML is configured correctly, the /c/portal/logout code redirects to /c/portal/saml/slo, and thus calls  SingleLogoutProfileImpl.<br><br>
I have the logging enabled, but nothing in the logs are being generated from that class. I’ve read that the SAML SingleLogout must be configured in Liferay, but so far, after looking around quite a bit, I have not been able to find it.<br><br>

When I explicitly go to /c/portal/saml/slo in my browser, I get the following in my logs:
ERROR [http-nio-8081-exec-7][BaseSamlStrutsAction:59] org.opensaml.messaging.decoder.MessageDecodingException: No SAMLRequest or SAMLResponse query path parameter, invalid SAML 2 HTTP Redirect message<br><br>

When I go to /c/portal/logout in my browser, I see this in the logs:2020-05-08 20:39:04.670 DEBUG [http-nio-8081-exec-1][BaseProfile:121] Received message using binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect <?xml version="1.0" encoding="UTF-8"?><samlp:LogoutResponse xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://mhv.gov:8081/c/portal/saml/slo" ID="_7131f61e8d16e19856ecdadc12dede7e" InResponseTo="_e2ab00c5799ff91b7d3ed0c20e604a535926359d" IssueInstant="2020-05-08T20:38:16Z" Version="2.0"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://samltest.id/saml/sp</saml:Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status></samlp:LogoutResponse>.<br><br>

So the bottom line is, I'm looking for need to know how to how to execute the  SingleLogoutProfileImpl class.<br><br>
Thanks,Clint
thumbnail
Clint Wilde, modified 3 Years ago.

RE: Why is the SAML SingleLogoutProfileImpl class not being executed???

Junior Member Posts: 39 Join Date: 3/5/13 Recent Posts
Thanks to Andrew's help this is now working.  I had a class where there should have been in interface in 2 places.  Here's the working class:
package com.sample.test;import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.saml.opensaml.integration.internal.servlet.profile.SingleLogoutProfileImpl;
import com.liferay.saml.persistence.model.SamlSpSession;
import com.liferay.saml.runtime.servlet.profile.SingleLogoutProfile;@Component(
    immediate = true,
    property = { 
            "service.ranking:Integer=1000"
    },
    service = SingleLogoutProfile.class /*(interface)*/
)public class MySAMLLogoutImpl extends SingleLogoutProfileImpl {
    
    @Reference(target = "(component.name=com.liferay.saml.opensaml.integration.internal.servlet.profile.SingleLogoutProfileImpl)")
    private SingleLogoutProfile /*(interface)*/_defaultService;
    private Log _log = LogFactoryUtil.getLog(MhvSAMLLogoutImpl.class);
    
    @Override
    public void processIdpLogout(
            HttpServletRequest httpServletRequest,
            HttpServletResponse httpServletResponse)
        throws PortalException {        _log.info("+++++ START Inside processIdpLogout()");
        
        _defaultService.processIdpLogout(httpServletRequest, httpServletResponse);
        
        _log.info("+++++ END Inside processIdpLogout()");
    }
}