Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
Michael Charles
Custom Authentication
April 19, 2012 11:00 AM
Answer

Michael Charles

Rank: New Member

Posts: 15

Join Date: January 20, 2011

Recent Posts

I'd like to create Custom Authentication using RSA's SecurID. My class will implement "com.liferay.portal.security.auth.Authenticator"

Should the custom authentication be created as a either a Liferay HOOK or EXT? Or a stand along class?
David H Nebinger
RE: Custom Authentication
April 19, 2012 11:47 AM
Answer

David H Nebinger

Community Moderator

Rank: Liferay Legend

Posts: 8975

Join Date: September 1, 2006

Recent Posts

You'll have to go w/ the EXT since the portal will be using your class(es) internally. There's a guy currently working on an authentication thing using spnego (search the forum to find him), he's probably got valuable information you can leverage for your implementation.

I sincerely apologize to him in advance for not remembering his name, but he deserves some kudos for the work he's been doing...
Hitoshi Ozawa
RE: Custom Authentication
April 22, 2012 6:19 AM
Answer

Hitoshi Ozawa

Rank: Liferay Legend

Posts: 7952

Join Date: March 23, 2010

Recent Posts

Check the following blog. You'll need to use ext as David said.

http://liferay-blogging.blogspot.jp/2011/08/how-to-change-liferay-login-module.html
Michael Charles
RE: Custom Authentication
May 2, 2012 10:42 AM
Answer

Michael Charles

Rank: New Member

Posts: 15

Join Date: January 20, 2011

Recent Posts

Thanks guys for the help.

After reviewing the available options and methods used by others I was able to successfully complete my custom RSA Authenticator and it was much easier than expected. My implementation was done without using Liferay's EXT. Note - While this can be done with EXT after some trail and error and some unit test we concluded that is was unnecessary and was much cleaner without it.

All that was required was to create a simple Java class that implements "com.liferay.portal.security.auth.Authenticator". In my case ...
1public final class RSAAuthenticator implements Authenticator { ..}


As long as your build path includes the required liferay jars you are set. All that was let was to compile the class and place in "tomcat/lib/ext/."

Also please note you will need to upate your "portal-ext.properties"
1##
2## Authentication Pipeline
3##
4        #auth.pipeline.pre=com.liferay.portal.security.auth.LDAPAuth
5        auth.pipeline.pre=your.class.name.path.RSAAuthenticator
6        auth.pipeline.enable.liferay.check=false


FYI - Using 6.1 CE




Michael Charles:
I'd like to create Custom Authentication using RSA's SecurID. My class will implement "com.liferay.portal.security.auth.Authenticator"

Should the custom authentication be created as a either a Liferay HOOK or EXT? Or a stand along class?
David H Nebinger
RE: Custom Authentication
May 2, 2012 12:20 PM
Answer

David H Nebinger

Community Moderator

Rank: Liferay Legend

Posts: 8975

Join Date: September 1, 2006

Recent Posts

Michael Charles:
Note - While this can be done with EXT after some trail and error and some unit test we concluded that is was unnecessary and was much cleaner without it.

All that was let was to compile the class and place in "tomcat/lib/ext/."


That is exactly why you do it as an EXT plugin - hot deploy works there. For your method you not only have to cycle the application container, but you also need filesystem access to move the jar into place. EXT plugins do not have this limitation, you just deploy and restart and you're done.

May not seem like a big deal, but if you have separate systems managed by separate groups (i.e. our devs manage test instance, but operations manage the prod instance), it can be a pain.
Hitoshi Ozawa
RE: Custom Authentication
May 2, 2012 9:48 PM
Answer

Hitoshi Ozawa

Rank: Liferay Legend

Posts: 7952

Join Date: March 23, 2010

Recent Posts

That is exactly why you do it as an EXT plugin - hot deploy works there.


You'll have to reboot on ext plugin.