How do I enable logging for UMP SAML SSO

Document ID : KB000102350
Last Modified Date : 18/06/2018
Show Technical Document Details
I want to enable SAML SSO authentication into the UMP.
what logging to do I need to enable to be able to trouble shoot
the setup and configuration of this implementation?

UIM 8.51 and earlier
UMP 8.51 and earlier
any SAML 2.0 integration
things to check:
  1. Before enabling SSO make sure the LDAP user testing with can log into Ump.
  2. Make sure you have the hub loglevel set to 3 and logsize set to 50000
  3. Set the wasp loglevel to 3 and logsize to 50000
  4. Set the below SAML logging
Unable to Process SAML Request and I am unable to log in.
1. We enabled debug for SAML login:
a. Edit the file <UMP_Installation>\probes\service\wasp\webapps\ROOT\WEB-INF\classes\META-INF\portal-log4j-ext.xml.
b. Add the following sections, and save the file.
c. <category name="com.liferay.saml">
<priority value="DEBUG"/>
<category name="org.opensaml">
<priority value="DEBUG"/>

This places debug information for in the <UMP_Installation>\probes\service\wasp\portal.log.
Collect the following once a test is done
From primary
From ump
UserID used to test SAML.
Identity provider Type and version.
Make sure they are using SAML 2.0
Screen shot of setup from identity provider.