Hi all,

I want to use my own custom login portlet. by cliking on signin link &
i am redirected to my custom login portlet by using below lines in portal-ext.properties

auth.login.url=/web/guest/login

auth.login.portlet.name=Atyaf-Login

my custom portlet is having one Email-id field and one password field.

Now the problem is that when i am logging with test@liferay.com its not logging in.

Will anyone plz help me how to login a user through my own custom portlet.

Hi Lipsa

Once you forward to the custom login portlet then you need to call liferay API in your custom login portlet ProcessAction() method and redirect to the home page which you have created.

in Liferay4.x we are using below API to call the liferay loginService.

LoginAction.login(httpReq, httpRes, UserId, Password, false);

But in Liferay6.x i feel they have change the liferay API like below.

LoginUtil.login(HttpServletRequest request, HttpServletResponse response, String login, password, boolean rememberMe, String authType)-- which gives an option to send login value as emailId by specifying authType="emailAddress".


Once you authenticated with any of the above liferay API method you can redirect to your home page.

NOTE: depends on your Liferay version you need to find the Liferay Login API params.

Hi Ugandhar ,

Thanks for your valuable feedback
We have created a portlet. In that portlet we are not able to access the LoginUtil which I suppose is in portal-impl.jar.
And I think we cannot access the classes of portal-impl.jar directly.
Is there any other way to make the user login in the portal.


Thanks

lipsa

Hi lipsa

we are using Ext environment so portal-impl.jar will be present and we imported the class directly and used it.
i think if we are using plugin environment then you can copy portal-impl.jar to your lib.

in Liferay6 we can use Hooks, as of now i am not having more idea on this.

Hi Lipsa,
Try using the UserLocalServiceUtil class to authenticate the user and then forward to the required jsp.


regards
Sri

I have the same issue.

I have tried to use UserLocalServiceUtil class to do the authentication, the authentication is success but when I forward to home page, liferay seems cannot regconize the user is logged in. Any paramenter should be set to session to let liferay know that the user is logged in?

I was writing my own custom portlet for login process and I thought that as long as I call LoginUtil.login (from portal-impl.jar.) it will log me in. Then I realized that you can't have custom portlets using portal-impl.jar.

I think you can do it the ext plugin way, which I haven't tried.

But the following worked for me.

You can still use the service/method calls in portal-impl.jar from your custom portlets using PortalClassInvoker (from portal-service.jar located in tomcat/lib/ext), as follows (Thanks to Gordon Augat for telling me about this)

after this redirect to,


I don't want to go into details but, there is some classloader hierarchy/visibility magic happening here.

But, I had to do couple of more things to make it work.

1. set this in external portal properties file. I think it depends on what you are using to create custom portlets. I was using Vaadin and if I had this to true, the login process was invalidating the session, which was making my vaadin application freak out on me.



Even after that my login didn't work. The LoginUtil.login method was being called correctly but I am still getting the login screen.

2.in liferay-portlet.xml, set the following. It took me couple of days to figure this out.

**NOTE: Liferay expects the <tags> in liferay-portlet.xml in certain order, otherwise it is barfing on me.

The Login process was like this, LoginUtil.login does its work and the com.liferay.portal.servlet.MainServlet.loginUser was making the login stick for the session by looking for some attributes ("j_remoteuser", "j_username" and few others) set by LoginUtil.login. The problem I had with my process was , when I call the LoginUtil.login method, it is setting lots of stuff in session object (gets from the request object I was sending) The session it was setting all of those was a PORTLETSESSION instance and MainServlet is looking into PORTALSESSION. So, I had to make sure that there is no private portlet session for my custom login portlet and have it use the portal session.

And that worked for me.


Hope that helps

Hi Vijay,

I followed your method of implementation but I've encountered an exception stating "Invalid Authentication Token" after i send redirect to themeDisplay.gethPathMain(). On further troubleshooting from liferay src, it was thrown by the check() method in class com.liferay.portal.security.auth.SessionAuthToken. Apparently, the program is looking for a parameter "p_auth" from the request but it was not present.

Hi All,

I am getting the below exception after I deploy the code which they have given above.

java.lang.NoSuchMethodException: com.liferay.portlet.login.util.LoginUtil.login(com.liferay.portal.servlet.NamespaceServletRequest, com.liferay.portal.servlet.filters.strip.Stri
pResponse, java.lang.String, java.lang.String, java.lang.Boolean, java.lang.String)

Here is my code :
PortletRequest portletRequest = (PortletRequest)actionRequest;
PortletResponse portletResponse = (PortletResponse)actionResponse;

HttpServletRequest httpRequest = PortalUtil.getHttpServletRequest(portletRequest);
HttpServletResponse httpResponse = PortalUtil.getHttpServletResponse(portletResponse);

System.out.println("httpRequest--->" + httpRequest);
System.out.println("httpResponse--->" + httpResponse);

PortalClassInvoker.invoke("com.liferay.portlet.login.util.LoginUtil", "login",
new Object[] { httpRequest, httpResponse, "test@liferay.com", "test", false, CompanyConstants.AUTH_TYPE_EA});

Can any one help me with the correct way of getting HttpServletRequest Object and HettpServletResponse Object from actionReqeust and actionResponse objects in my processAction method.

Any help is really appreciated. Thanks in advance.

Regards,
Srik

It all depends on which liferay version you are using. I am using 6.1 GA1.

My approach involved looking into the Liferay's core login process

which involves
1. calling a struts action mapped to "com.liferay.portal.action.LoginAction", which inturn makes a call to
2. LoginUtil.login(request, response, login, password, rememberMe, authType);

So, my idea was to duplicate the process by calling (LoginUtil.login(request, response, login, password, rememberMe, authType)). Hence, the following code.
.

So, based on the problem (java.lang.NoSuchMethodException) you are having, I am thinking that you have a different version of liferay and it probably is not doing the same thing for the core login process. If that is the case, look into the core login struts action (most likely the same class "LoginAction") and see what it is doing.

Hi,

I got the same issue and I am following the same way you mentiooned.

---------------------------------------------------------------
I have an index.jsp page where I have the following code.

MethodKey key = new
MethodKey("com.liferay.portlet.login.util.LoginUtil", "login",
HttpServletRequest.class, HttpServletResponse.class,
String.class, String.class, boolean.class, String.class);

PortalClassInvoker.invoke(false, key, new Object[] { request,
response, "monet", "m", true, "screenName"});

response.sendRedirect("http://localhost:9090/group/guest/home");
-----------------------------------------------------------------

In /liferay_portal_6.1/portlet-ext.properties I set 'session.enable.phishing.protection=false'

Since index.jsp is a normal jsp page, I cannot set '<private-session-attributes>false</private-session-attributes>' in liferay-portal.xml.

But still when I try to redirect to 'http://localhost:9090/group/guest/home', It goes to the login screen. I was getting some authentication exception which I solved. Now I think the user is getting autheticated but it redirects to the login screen again.

Please help me on this.

Thanks,
Jasar

I don't understand what you meant by "............index.jsp is a normal jsp page, I cannot set <private-session-attributes>false</private-session-attributes>...............".

The setting is at the portlet level. Whether it is a jsp or some java code in an action/web-layer class that is doing the custom login process, it is part of your custom portlet. And that portlet should not have a private session (it has to use the same session as the portal), which is exactly what the setting "<private-session-attributes>" does. If your portlet has a private session, Liferay's MainServlet won't find the information it requires to log the user in, because it looks in the PORTAL SESSION and the login process that you called from your code, sets the information in the PORTLET SESSION that it gets from the request object you are passing in. In my case I have a Custom Login portlet with one UI component(I am using Vaadin instead of JSP in your case) and all it does is, shows the login page, do the custom login process and redirect to some place.

In my war file there is no portlet. My war file contains only index.jsp. From that index.jsp I am calling LoginUtil.login method and redirects to 'http://localhost:9090/group/guest/home'. So I am not sure where to set <private-session-attributes>false</private-session-attributes>, since my liferay-portal.xml doesn't contain a <portlet> tag.

Hello, I have followed this but am still having issues. I am using Liferay 6.1 GA1 and I am receiving no errors when it runs. However, it simply isn't logging me in.

Here is what I have:


Please let me know if anyone else has had the same issue, or for any other ideas on how to get this working!

Thank you in advance.

I'm having the exact problem.

I'm currently running on Liferay 6.1.0 CE GA1 and want to create a custom login portlet. I followed your instructions but after click the button to log in, Liferay just doesn't let the user go through.

For authentication token , checkout the properties under
in portal.properties and you can make changes accordingly in portal-ext or even better in portlet.xml of your custom portlet

am gonna try this implementation and see how it works. Looks interesting. Till now I have used the autologin hooks for such situations.

thx for your post, helped me alot!

I finally got some time to try it out with Liferay 6.1 GA2
The only change except for other things discussed in this thread is that another property is to be added to portal-ext.properties

without this I was getting NPE when implementation tries to add session messages.

helpful post...

Muchas gracias, esto me ha ayudado mucho. Thanks!