Published Sep. 10, 2025

How to set two Liferays as separate SAML and IdP servers?

Written by Zsuzsa Emese Kállai

How To articles are not official guidelines or officially supported documentation. They are community-contributed content and may not always reflect the latest updates to Liferay DXP. We welcome your feedback to improve How To articles!

While we make every effort to ensure this Knowledge Base is accurate, it may not always reflect the most recent updates or official guidelines. We appreciate your understanding and encourage you to reach out with any feedback or concerns.

Issue

  • How to set two Liferays as separate SAML and IdP servers?

Environment

  • Liferay DXP Quarterly Release

Resolution

Configure and set up the first bundle:

  1. Add portlet.session.replicate.enabled=true to portal-ext.properties in both bundles
  2. Start up the first local bundle with default port settings
  3. Wait until the bundle has finished the startup process

Configure and set up the second bundle:

  1. Modify the following lines in tomcat/config/server.xml:
    <Server port="8005" shutdown="SHUTDOWN">
    <Connector maxThreads="75" port="8081" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" maxParameterCount="1000"/>
  2. Download the com.liferay.portal.search.elasticsearch7.configuration.ElasticsearchConfiguration.config file and copy it into /osgi/configs

    Use this file only for testing purposes

  3. Add the following line to your hosts file: 127.0.0.1 localhost2
  4. Start up the second local bundle

Set up the Service Provider:

  1. Visit http://localhost:8080/
  2. Go to the Control Panel → Instance Settings → Instance Configuration → General tab
  3. Set Name to Service Provider
  4. Go to Control Panel → SAML Admin → General
    1. SAML Role: Service Provider
    2. Entity ID: sp
  5. Click on Save
  6. Check Enabled
  7. Click on Save

Set up the Identity Provider Connection:

  1. Go to Control Panel → SAML Admin → Service Provider Connections
  2. Click on Add Service Provider
  3. In the New Identity Provider window
    1. Name: Identity Provider
    2. Select Enabled
    3. Entity Id: idp
    4. Choose connect to metadata URL option
    5. Metadata URL: http://localhost2:8081/c/portal/saml/metadata
    6. Name Identifier Format: Email Address
    7. Name Identifier Attribute Name: emailAddress

Set up the Identity Provider:

  1. Visit http://localhost:8081/
  2. Go to the Control Panel → Instance Settings → Instance Configuration → General tab
  3. Set name to Service Provider
  4. Set Virtual Host to localhost2
  5. Go to Control Panel → SAML Admin → General
    1. SAML Role: Identity Provider
    2. Entity ID: idp
    3. Click on Save
    4. Check Enabled
    5. Click on Save

Set up the Service Provider Connection:

  1. Go to Control Panel → SAML Admin → Service Provider Connections
  2. Click on Add Service Provider
  3. On the New Service Provider window
    1. Name: Service Provider
    2. Select Enabled
    3. Entity Id: sp
    4. Choose connect to metadata URL option
    5. Metadata URL: http://localhost:8080/c/portal/saml/metadata
    6. Name Identifier Format: Email Address
    7. Name Identifier Attribute Name: emailAddress

Usage:

  1. Visit http://localhost:8080/
  2. Click on Sign In
  3. You are redirected to the Identity Provider
  4. Sign in with your credentials
  5. You are redirected to the Service Provider

Additional Information
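
Once both bundles are running, the document served at each metadata URL can be checked against the values entered above (Entity ID sp or idp, the matching SAML role, the Email Address name identifier format). The script below is an added example, not part of the original article and not Liferay code; the function name check_metadata, the sample XML and the /c/portal/saml/sso endpoint path in it are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET  # prefer defusedxml for metadata from hosts you do not control
from urllib.parse import urlparse

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
ROLES = {"idp": "IDPSSODescriptor", "sp": "SPSSODescriptor"}

# Constructed sample standing in for the body served at the IdP metadata URL
# (certificate omitted; endpoint path is an assumption, not captured Liferay output).
SAMPLE_IDP_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="idp">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
                            Location="http://localhost2:8081/c/portal/saml/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def check_metadata(xml_text, expected_entity_id, expected_role):
    """Return a list of findings; an empty list means every check passed."""
    root = ET.fromstring(xml_text)
    if root.tag != MD + "EntityDescriptor":
        return ["root element is not md:EntityDescriptor"]
    findings = []
    actual_id = root.get("entityID")
    if actual_id != expected_entity_id:
        findings.append(f"entityID is {actual_id!r}, expected {expected_entity_id!r}")
    role_tag = ROLES[expected_role]
    role = root.find(MD + role_tag)
    if role is None:
        return findings + [f"no {role_tag} element"]
    # A KeyDescriptor without a "use" attribute covers both signing and encryption.
    if not any(k.get("use") in (None, "signing") for k in role.findall(MD + "KeyDescriptor")):
        findings.append("no signing KeyDescriptor published")
    formats = [(f.text or "").strip() for f in role.findall(MD + "NameIDFormat")]
    if EMAIL_FORMAT not in formats:
        findings.append("emailAddress NameIDFormat not advertised")
    for el in role:  # endpoint elements are the children that carry a Location attribute
        loc = el.get("Location")
        if loc and urlparse(loc).scheme != "https":
            name = el.tag.rpartition("}")[2]
            findings.append(f"{name} uses non-HTTPS endpoint {loc}")
    return findings


if __name__ == "__main__":
    for finding in check_metadata(SAMPLE_IDP_METADATA, "idp", "idp"):
        print("FINDING:", finding)
```

With the plain-HTTP localhost addresses used in this walkthrough, the non-HTTPS finding is expected; the same function checks the Service Provider side when called with "sp" as both the expected Entity ID and role.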
