Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
Bolat Kazybayev
Turning off encryption of UserId
May 10, 2013 4:04 AM
Answer

Bolat Kazybayev

Rank: New Member

Posts: 5

Join Date: August 22, 2012

Recent Posts

Hi everybody!
I need to get ID from cookie using C# from application which works on IIS.
As far as I can not decrypt ID, because of C# I thought about different approach.
How can I turn off encryption of UserId? Is it possible configure it in portal-ext.properties?
for instance: company.encryption.algorithm=NONE (doesn't work)
Apoorva Prakash
RE: Turning off encryption of UserId
May 10, 2013 3:00 PM
Answer

Apoorva Prakash

Rank: Liferay Master

Posts: 659

Join Date: June 15, 2010

Recent Posts

Bolat Kazybayev:
Hi everybody!
I need to get ID from cookie using C# from application which works on IIS.
As far as I can not decrypt ID, because of C# I thought about different approach.
How can I turn off encryption of UserId? Is it possible configure it in portal-ext.properties?
for instance: company.encryption.algorithm=NONE (doesn't work)


Hello Bolat,
I'm sorry but in liferay, user id is plain long value consisting 5 digits.

HTH.

-Apoorva Prakash
Bolat Kazybayev
RE: Turning off encryption of UserId
May 10, 2013 11:09 PM
Answer

Bolat Kazybayev

Rank: New Member

Posts: 5

Join Date: August 22, 2012

Recent Posts

Hi,

Thank you for your reply! What do you mean by
I'm sorry but in liferay, user id is plain long value consisting 5 digits.
?

The company id is also in a cookie however it is not encoded or encrypted. I need not-encoded or encrypted ID like COMPANY_ID in cookie. How to do it?
Apoorva Prakash
RE: Turning off encryption of UserId
May 10, 2013 11:57 PM
Answer

Apoorva Prakash

Rank: Liferay Master

Posts: 659

Join Date: June 15, 2010

Recent Posts

Bolat Kazybayev:
Hi,

Thank you for your reply! What do you mean by
I'm sorry but in liferay, user id is plain long value consisting 5 digits.
?

The company id is also in a cookie however it is not encoded or encrypted. I need not-encoded or encrypted ID like COMPANY_ID in cookie. How to do it?



Sorry Balot,

I didn't get your point earlier. It uses Encryptor class for encryption.

We able to decrypt cookies using the following, cant say how you can achieve in your code:
1Encryptor.decrypt(company.getKeyObj(), encryptedString)

HTH.

-Apoorva Prakash
Bolat Kazybayev
RE: Turning off encryption of UserId
May 11, 2013 12:13 AM
Answer

Bolat Kazybayev

Rank: New Member

Posts: 5

Join Date: August 22, 2012

Recent Posts

Actually my name is Bolat.

I have solution using Servlet wich runs on the same Tomcat.
 1
 2protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
 3ServletOutputStream out = response.getOutputStream();
 4//Getting the cookies from the servlet request
 5Cookie[] cookies = request.getCookies();
 6String userId = null;
 7String password = null;
 8String companyId = null;
 9for(Cookie c : cookies) {   
10    if ("COMPANY_ID".equals(c.getName())) {
11        companyId = c.getValue();
12    } else if ("ID".equals(c.getName())) {
13        userId = hexStringToStringByAscii(c.getValue());
14    } else if ("PASSWORD".equals(c.getName())) {
15        password = hexStringToStringByAscii(c.getValue());
16    }
17}
18
19if (userId != null && password != null && companyId != null) {
20    try {               
21        KeyValuePair kvp = UserLocalServiceUtil.decryptUserId(Long.parseLong(companyId), userId, password);
22        out.println("user=" + kvp.getKey() + "password=" + kvp.getValue());
23        User u = UserLocalServiceUtil.getUserById(Long.valueOf(kvp.getKey()));
24        out.println("fullname=" + u.getFullName());
25    } catch (NumberFormatException e) {               
26        e.printStackTrace();
27    } catch (PortalException e) {
28        e.printStackTrace();
29    } catch (SystemException e) {
30        e.printStackTrace();
31    }
32}
33public String hexStringToStringByAscii(String hexString) {
34    byte[] bytes = new byte[hexString.length()/2];
35    for (int i = 0; i < hexString.length() / 2; i++) {
36        String oneHexa = hexString.substring(i * 2, i * 2 + 2);
37        bytes[i] = Byte.parseByte(oneHexa, 16);
38    }
39    try {
40        return new String(bytes, "ASCII");
41    } catch (UnsupportedEncodingException e) {
42        throw new RuntimeException(e);
43    }
44}
45}

And it works well.
How to use user api using C# from IIS?
I thought about ovveriding of method which makes encryption of userId to turn of encryption. Is this good workaround in this case how do you think?
Apoorva Prakash
RE: Turning off encryption of UserId
May 11, 2013 3:50 AM
Answer

Apoorva Prakash

Rank: Liferay Master

Posts: 659

Join Date: June 15, 2010

Recent Posts

Bolat Kazybayev:
Actually my name is Bolat.

I have solution using Servlet wich runs on the same Tomcat.
 1
 2protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
 3ServletOutputStream out = response.getOutputStream();
 4//Getting the cookies from the servlet request
 5Cookie[] cookies = request.getCookies();
 6String userId = null;
 7String password = null;
 8String companyId = null;
 9for(Cookie c : cookies) {   
10    if ("COMPANY_ID".equals(c.getName())) {
11        companyId = c.getValue();
12    } else if ("ID".equals(c.getName())) {
13        userId = hexStringToStringByAscii(c.getValue());
14    } else if ("PASSWORD".equals(c.getName())) {
15        password = hexStringToStringByAscii(c.getValue());
16    }
17}
18
19if (userId != null && password != null && companyId != null) {
20    try {               
21        KeyValuePair kvp = UserLocalServiceUtil.decryptUserId(Long.parseLong(companyId), userId, password);
22        out.println("user=" + kvp.getKey() + "password=" + kvp.getValue());
23        User u = UserLocalServiceUtil.getUserById(Long.valueOf(kvp.getKey()));
24        out.println("fullname=" + u.getFullName());
25    } catch (NumberFormatException e) {               
26        e.printStackTrace();
27    } catch (PortalException e) {
28        e.printStackTrace();
29    } catch (SystemException e) {
30        e.printStackTrace();
31    }
32}
33public String hexStringToStringByAscii(String hexString) {
34    byte[] bytes = new byte[hexString.length()/2];
35    for (int i = 0; i < hexString.length() / 2; i++) {
36        String oneHexa = hexString.substring(i * 2, i * 2 + 2);
37        bytes[i] = Byte.parseByte(oneHexa, 16);
38    }
39    try {
40        return new String(bytes, "ASCII");
41    } catch (UnsupportedEncodingException e) {
42        throw new RuntimeException(e);
43    }
44}
45}

And it works well.
How to use user api using C# from IIS?
I thought about ovveriding of method which makes encryption of userId to turn of encryption. Is this good workaround in this case how do you think?


Sorry Bolat for spelling wrong your name.

You may try the JS API for the same, like the following:

1jQuery.getScript('/html/js/liferay/service.js', function(){
2   var userIId=themeDisplay.getUserId();
3   Liferay.Service.Portal.User.getUserById({userId:userIId}, function(data){
4      alert(data.screenName);
5   });
6});


HTH.

-Apoorva Prakash
Bolat Kazybayev
RE: Turning off encryption of UserId
May 12, 2013 7:25 AM
Answer

Bolat Kazybayev

Rank: New Member

Posts: 5

Join Date: August 22, 2012

Recent Posts

Hi, Apoorva

Thank you for your help!

I have some questions about js api:

How can I invoke Liferay js api from remote application?
Where should I set permissions for my application to use Liferay web-services?
Bandana Banerjee
RE: Turning off encryption of UserId
August 23, 2013 8:21 AM
Answer

Bandana Banerjee

Rank: New Member

Posts: 2

Join Date: August 21, 2013

Recent Posts

Even I have the same question. Suppose I have a open social widget on liferay which needs to publish the user details on the widget.

How can I use this javascript code there and where from it will get the themeDisplay() object??


Bolat Kazybayev:
Hi, Apoorva

Thank you for your help!

I have some questions about js api:

How can I invoke Liferay js api from remote application?
Where should I set permissions for my application to use Liferay web-services?