Additional Resources
SAML logs on the iObeya server
As a platform administrator, you can download the application logs from the administration interface (for support or maintenance purposes, for example):
Select Download logs in the Tools section of the left-hand menu of the administration interface.
Select Ok.
Logs are downloaded from the server into a ZIP file.
These logs show you when people manage to log in, and also when they fail.
In the logs, you should find an AuthNResponse line for each AuthNRequest line.
For example, when there is a success, you should find the email address in the response:
INFO [SAMLDefaultLogger] AuthNRequest;SUCCESS…
…
INFO [SAMLDefaultLogger] AuthNResponse;SUCCESS... jdoe@mycompany.com...
For example, when there is a failure:
INFO [SAMLDefaultLogger] AuthNRequest;SUCCESS...
...
INFO [SAMLDefaultLogger] AuthNResponse;FAILURE...
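To check the request/response pairing described above across a whole downloaded log file, the following added example (not iObeya code) pairs each AuthNRequest with the next AuthNResponse in file order and reports successful logins, failures and requests that never got a response. The sample lines are constructed: the timestamp and level prefix follow the page's pattern layout, while the semicolon-separated fields after the result are assumptions. Pairing by order is a heuristic, since these lines carry no correlation ID here.

```python
import re

# Line layout follows the page's pattern: date, level, [logger], message.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+\w+\s+\[SAMLDefaultLogger\]\s+"
    r"(?P<op>AuthNRequest|AuthNResponse);(?P<result>SUCCESS|FAILURE)(?P<rest>.*)$"
)
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

# Constructed sample lines; the fields after the result are assumptions.
SAMPLE_LOG = """\
2024-05-06 09:14:01  INFO [SAMLDefaultLogger] AuthNRequest;SUCCESS;10.0.0.5;sp-id;idp-id;;;
2024-05-06 09:14:03  INFO [SAMLDefaultLogger] AuthNResponse;SUCCESS;10.0.0.5;sp-id;idp-id;jdoe@mycompany.com;;
2024-05-06 09:20:10  INFO [SAMLDefaultLogger] AuthNRequest;SUCCESS;10.0.0.9;sp-id;idp-id;;;
2024-05-06 09:20:12  INFO [SAMLDefaultLogger] AuthNResponse;FAILURE;10.0.0.9;sp-id;idp-id;;;
2024-05-06 09:31:40  INFO [SAMLDefaultLogger] AuthNRequest;SUCCESS;10.0.0.7;sp-id;idp-id;;;
2024-05-06 09:31:41  INFO [OtherLogger] unrelated application message
"""


def summarize(lines):
    """Pair each AuthNRequest with the next AuthNResponse, in file order."""
    pending = []  # timestamps of requests still waiting for a response
    report = {"logins": [], "failures": [], "unmatched_responses": [], "unanswered": []}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a SAMLDefaultLogger request/response line
        if m["op"] == "AuthNRequest":
            pending.append(m["ts"])
            continue
        if pending:
            pending.pop(0)  # this response answers the oldest open request
        else:
            report["unmatched_responses"].append(m["ts"])  # no request seen before it
        if m["result"] == "SUCCESS":
            email = EMAIL_RE.search(m["rest"])
            report["logins"].append((m["ts"], email.group(0) if email else None))
        else:
            report["failures"].append(m["ts"])
    report["unanswered"] = pending  # requests with no AuthNResponse in this file
    return report


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG.splitlines()).items():
        print(f"{key}: {value}")
```

To run it on a real file, pass the opened log file to `summarize` instead of the sample lines.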
If the file does not exist in the logs, here is how to activate SAML debug information in the log files.
On the iObeya platform, log4j2.xml is usually located in the “settings” folder in the iObeya folder.
Note:
If you cannot find the file, go to the conf\Catalina\localhost folder in Tomcat, and open the .xml context file.
The log4j2FilePath gives you the path to the file.
Open that file and uncomment the following part by deleting the “<!--” and “-->” markers highlighted in yellow (the ones on their own lines, surrounding the RollingFile element):
<!-- DEBUG FILE LOG Console -->
<!--
<RollingFile name="debugfile" fileName="/var/iobeya/logs/appDebug.log" filePattern="/var/iobeya/logs/appDebug-%d{yyyy-MM-dd}-%i.log.gz">
<PatternLayout>
<Pattern>%d{yyyy-MM-dd HH:mm:ss} %5p [%c{1}] %m%n</Pattern>
</PatternLayout>
<Policies>
<TimeBasedTriggeringPolicy />
<SizeBasedTriggeringPolicy size="250 MB"/>
</Policies>
<DefaultRolloverStrategy max="5"/>
</RollingFile>
-->
Then add the following after <loggers>:
<!-- SAML -->
<Logger name="org.opensaml" level="DEBUG" />
<Logger name="org.springframework.security.saml" level="DEBUG" />
<Logger name="com.iobeya.auth.saml" level="DEBUG" />
<Logger name="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" level="DEBUG" />
SAML tool
Recommendation:
Using the SAML tool is highly recommended for troubleshooting the setup of the SAML connection (it should be installed by the person who is going to test the SSO connection).
With it, you can see whether there are attributes in the SAML response, and the names of the attributes you need to complete the iObeya SAML configuration.
To use the SAML tool:
Open your platform.
Launch your browser’s DevTools.
Perform the action that initiates SAML login.
Find SSO in the Network panel and look for a network request with SAMLResponse in the Payload.
Copy the SAMLResponse value.
Open the SAML tool and paste the SAMLResponse value into the tool.
View the extracted SAML information: