How do I enable logging for UMP SAML SSO

Document ID : KB000102350
Last Modified Date : 18/06/2018
Question:
I want to enable SAML SSO authentication into the UMP.
What logging do I need to enable to be able to troubleshoot
the setup and configuration of this implementation?


 
Environment:
UIM 8.51 and earlier
UMP 8.51 and earlier
any SAML 2.0 integration
Answer:
Things to check:
  1. Before enabling SSO, make sure the LDAP user you are testing with can log into UMP.
  2. Make sure the hub loglevel is set to 3 and logsize is set to 50000.
  3. Set the wasp loglevel to 3 and logsize to 50000.
  4. Enable the SAML logging described below.
Unable to Process SAML Request and I am unable to log in.
1. Enable debug for SAML login:
a. Edit the file <UMP_Installation>\probes\service\wasp\webapps\ROOT\WEB-INF\classes\META-INF\portal-log4j-ext.xml.
b. Add the following sections, and save the file:

    <category name="com.liferay.saml">
        <priority value="DEBUG"/>
    </category>
    <category name="org.opensaml">
        <priority value="DEBUG"/>
    </category>

This places debug information in <UMP_Installation>\probes\service\wasp\portal.log.
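
One way to confirm the edit took, as an added example (not CA's code): a Python check that parses portal-log4j-ext.xml and reports whether both SAML categories are at DEBUG. The sample file content is constructed, and its root element layout (the usual log4j 1.x XML form) is an assumption about your file.

```python
import sys
import xml.etree.ElementTree as ET

# Logger categories the article says to set to DEBUG.
REQUIRED = ("com.liferay.saml", "org.opensaml")

# Constructed sample of a portal-log4j-ext.xml; the root element and DOCTYPE
# follow the usual log4j 1.x XML layout and are an assumption about your file.
SAMPLE = """<?xml version="1.0"?>
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
  <category name="com.liferay.saml">
    <priority value="DEBUG"/>
  </category>
  <category name="org.opensaml">
    <priority value="INFO"/>
  </category>
</log4j:configuration>
"""


def saml_log_levels(xml_data):
    """Return {category: level or None} for the two SAML categories.

    Only <category> elements that are direct children of the root are read,
    which is where a log4j 1.x XML configuration defines its loggers.
    Malformed XML (for example an unclosed tag) raises ET.ParseError.
    """
    root = ET.fromstring(xml_data)
    levels = dict.fromkeys(REQUIRED)
    for cat in root.findall("category"):
        name = cat.get("name")
        prio = cat.find("priority")
        if name in levels and prio is not None:
            levels[name] = (prio.get("value") or "").upper()
    return levels


def not_debug(xml_data):
    """List the required categories that are missing or not at DEBUG."""
    return [n for n, lvl in saml_log_levels(xml_data).items() if lvl != "DEBUG"]


if __name__ == "__main__":
    # Pass the path to portal-log4j-ext.xml, or run without arguments for the sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    for name, lvl in saml_log_levels(data).items():
        print(f"{name}: {lvl or 'not configured'}")
    sys.exit(1 if not_debug(data) else 0)
```

The script exits non-zero when either category is missing or below DEBUG, so it can be run before each SSO test to rule out a logging misconfiguration.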
 
Collect the following once a test is done:
From primary:
Robot.cfg
Controller.log
Hub.cfg
Hub.log
_hub.log
 
From UMP:
Wasp.cfg
Wasp.log
Portal.log
\probes\service\wasp\webapps\ROOT\WEB-INF\classes\META-INF\portal-log4j-ext.xml
\probes\service\wasp\webapps\ROOT\WEB-INF\classes\portal-ext.properties
 
UserID used to test SAML.
 
Identity provider type and version.
Make sure they are using SAML 2.0.
Screenshot of the setup from the identity provider.