Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
surmsak mahit
How to implement custom authentication w/o having such user in the system?
June 25, 2013 4:31 AM
Answer

surmsak mahit

Rank: New Member

Posts: 2

Join Date: June 25, 2013

Recent Posts

Hi all,

I have a case on the login module on that, liferay will have to validate user,password retrieved from LDAP. There are some constraints that I couldn't just commonly integrate Liferay with LDAP via the built-in Liferay's LDAP configuration. The problem is the requirement that Liferay shall contains no users in database (to avoid duplication). It has to fetch user/password from LDAP via 3rd party's webservice, and bypass authentication and mapping roles/privilege (which are already created in liferay) to such user at runtime. Is this possible?

After done some researching, I found that I have to create a class that implements Authenticator interface, and also configure some configuration options to create a custom authentication mechanism (ex. modify auth.pipeline.pre=my.custom.class.name and set auth.pipeline.enable.liferay.check=false).

So I tried following all the steps above but couldn't make it work.

Is there a way to authenticate and log on user programmatically without user/password created in the Liferay database? (For ex. retrieve user's info from LDAP and put into the running thread)

However, I have roles and groups pre-created in the system and will be mapped to the user retrieved from LDAP on runtime.

Any idea?

Thank you in advance
David H Nebinger
RE: How to implement custom authentication w/o having such user in the syst
June 25, 2013 6:08 AM
Answer

David H Nebinger

Community Moderator

Rank: Liferay Legend

Posts: 8335

Join Date: September 1, 2006

Recent Posts

How many times do I need to say this?

It is simply not possible. The record must be in the User_ table in order to satisfy the logical foreign keys in the other tables.

It is not possible, under any circumstances, to have a user authenticate and use the portal that is not in the User_ table.

Period.
surmsak mahit
RE: How to implement custom authentication w/o having such user in the syst
June 25, 2013 11:14 AM
Answer

surmsak mahit

Rank: New Member

Posts: 2

Join Date: June 25, 2013

Recent Posts

I'm so new to this.
So I have to create user whatsoever after retrieving user's info.

Thanks for your kind answering this emoticon
David H Nebinger
RE: How to implement custom authentication w/o having such user in the syst
June 25, 2013 12:12 PM
Answer

David H Nebinger

Community Moderator

Rank: Liferay Legend

Posts: 8335

Join Date: September 1, 2006

Recent Posts

Sorry, Surmsak, I shouldn't have been so short.

As a recommendation, many questions that you're going to be asking have been covered in the forums before, especially this one that was covered recently. A quick google search prior to posting is typically a good idea...
Jack Bakker
RE: How to implement custom authentication w/o having such user in the syst
June 25, 2013 12:21 PM
Answer

Jack Bakker

Rank: Liferay Master

Posts: 720

Join Date: January 3, 2010

Recent Posts

Is there a way to authenticate and log on user programmatically without user/password created in the Liferay database? (For ex. retrieve user's info from LDAP and put into the running thread)

for Liferay to know about user and associations with resources in Liferay: liferay db user_ record for the user needs to be there