Submit Feedback
Legacy Knowledge Base
Published Jul. 2, 2025

Post deployment of SAML plugin the SAML Admin page is blank

Written By

Thanga Meena

How To articles are not official guidelines or officially supported documentation. They are community-contributed content and may not always reflect the latest updates to Liferay DXP. We welcome your feedback to improve How To articles!

While we make every effort to ensure this Knowledge Base is accurate, it may not always reflect the most recent updates or official guidelines.We appreciate your understanding and encourage you to reach out with any feedback or concerns.

Legacy Article

You are viewing an article from our legacy "FastTrack" publication program, made available for informational purposes. Articles in this program were published without a requirement for independent editing or verification and are provided"as is" without guarantee.

Before using any information from this article, independently verify its suitability for your situation and project.

Issue

  • After deploying the SAML plugin in the Liferay instance, the SAML admin page displayed blank.
  • Below Stack trace occurs in the log at the time of performing the above actions.
2021-03-23 19:14:22.610 WARN [ajp-nio-8009-exec-5][PortalImpl:1030] Redirect URL https://XXX.com:443/group/control_panel/manage?p_p_id=com_liferay_saml_web_internal_portlet_SamlAdminPortlet&p_p_lifecycle=0&p_p_state=normal&p_p_state_rcv=1 is not allowed
2021-03-23 19:14:22.612 ERROR [ajp-nio-8009-exec-5][MVCPortlet:580] null is not a valid include
2021-03-24 11:33:19.580 ERROR [main][ReleaseManagerOSGiCommands:93] bundle com.liferay.portal.upgrade.impl:3.0.18 (858)[com.liferay.portal.upgrade.internal.release.osgi.commands.ReleaseManagerOSGiCommands(2594)] : The activate method has thrown an exception 
com.liferay.portal.kernel.upgrade.UpgradeException: Bundle com.liferay.saml.persistence.service_3.0.25 [1183] has invalid content in tables.sql:_create table SamlIdpSpConnection (_    samlIdpSpConnectionId LONG not null primary key,_    companyId LONG,_    
userId LONG,_    userName VARCHAR(75) null,_    createDate DATE null,_    modifiedDate DATE null,_    samlSpEntityId VARCHAR(1024) null,_    assertionLifetime INTEGER,_    attributeNames STRING null,_    attributesEnabled BOOLEAN,_    attributesNamespaceEnabled BOOLEAN,_    
enabled BOOLEAN,_    encryptionForced BOOLEAN,_    metadataUrl VARCHAR(1024) null,_    metadataXml TEXT null,_    metadataUpdatedDate DATE null,_    name VARCHAR(75) null,_    nameIdAttribute VARCHAR(1024) null,_    nameIdFormat VARCHAR(1024) null_);__create table SamlIdpSpSession 
(_    samlIdpSpSessionId LONG not null primary key,_    companyId LONG,_    userId LONG,_    userName VARCHAR(75) null,_    createDate DATE null,_    modifiedDate DATE null,_    samlIdpSsoSessionId LONG,_    samlSpEntityId VARCHAR(1024) null,_    nameIdFormat VARCHAR(1024) null,_    
nameIdValue VARCHAR(1024) null_);__create table SamlIdpSsoSession (_    samlIdpSsoSessionId LONG not null primary key,_    companyId LONG,_    userId LONG,_    userName VARCHAR(75) null,_    createDate DATE null,_    modifiedDate DATE null,_    samlIdpSsoSessionKey VARCHAR(75) null_);
__create table SamlSpAuthRequest (_    samlSpAuthnRequestId LONG not null primary key,_    companyId LONG,_    createDate DATE null,_    samlIdpEntityId VARCHAR(1024) null,_    samlSpAuthRequestKey VARCHAR(75) null_);__create table SamlSpIdpConnection (_    samlSpIdpConnectionId 
LONG not null primary key,_    companyId LONG,_    userId LONG,_    userName VARCHAR(75) null,_    createDate DATE null,_    modifiedDate DATE null,_    samlIdpEntityId VARCHAR(1024) null,_    assertionSignatureRequired BOOLEAN,_    clockSkew LONG,_    enabled BOOLEAN,_    forceAuthn BOOLEAN,
_    ldapImportEnabled BOOLEAN,_    metadataUrl VARCHAR(1024) null,_    metadataXml TEXT null,_    metadataUpdatedDate DATE null,_    name VARCHAR(75) null,_    nameIdFormat VARCHAR(1024) null,_    signAuthnRequest BOOLEAN,_    userAttributeMappings STRING null_);__create table SamlSpMessage 
(_    samlSpMessageId LONG not null primary key,_    companyId LONG,_    createDate DATE null,_    samlIdpEntityId VARCHAR(1024) null,_    samlIdpResponseKey VARCHAR(75) null,_    expirationDate DATE null_);__create table SamlSpSession (_    samlSpSessionId LONG not null primary key,_    
companyId LONG,_    userId LONG,_    userName VARCHAR(75) null,_    createDate DATE null,_    modifiedDate DATE null,_    samlIdpEntityId VARCHAR(1024) null,_    samlSpSessionKey VARCHAR(75) null,_    assertionXml TEXT null,_    jSessionId VARCHAR(200) null,_    nameIdFormat VARCHAR(1024) null,
_    nameIdNameQualifier VARCHAR(1024) null,_    nameIdSPNameQualifier VARCHAR(1024) null,_    nameIdValue VARCHAR(1024) null,_    sessionIndex VARCHAR(75) null,_    terminated_ BOOLEAN_); [Sanitized]
 at com.liferay.portal.spring.extender.internal.upgrade.InitialUpgradeExtender$InitialUpgradeStep.upgrade(......

Environment

  • Liferay DXP 7.2 FP7
  • SAML Version 5.0.1 which requires FP5+

Resolution

  • The above exception shows that there are some stale data existing even after un-deploying the SAML plugin
  • As per the logs, the below tables have the existing corrupted data. 
     
     SamlIdpSpConnection
     SamlIdpSpSession
     SamlIdpSsoSession
     SamlSpAuthRequest
     SamlSpIdpConnection
     SamlSpMessage
     SamlSpSession
  • The issue gets fixed by removing the stale data of the traced tables related to SAML. 
    • Best practice and steps:
      • Take the complete DB backup and environment back to avoid the loss of data.
      • Remove the stale data by running the groovy script. Create a help center ticket to get assistance from the support team for the groovy script.
      • Also, remove the stale data if exist in the configuration_ table related to the SAML. Note: The recommended way is not to delete the data directly from the DB. Hence, connect with the DB team to do so at your discretion.
      • Un-deploy the SAML plugin: Delete the deployed SAMl plugin from the LR_HOME/OSGi/marketplace folder
      • Shutdown the server. Before restarting the server, delete the temp directories.
      • Once the server is up, deploy the SAML plugin and check the behaviour by restarting it as notified in the console. Note: Make sure by checking the behaviour using a private or incognito browser window to avoid the cache.
Did this article resolve your issue ?
Legacy Knowledge Base
Did this article resolve your issue ?