Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
Arvind Mishra
OpenSSO & Liferay
February 22, 2008 11:47 AM
Answer

Arvind Mishra

Rank: Regular Member

Posts: 224

Join Date: February 13, 2008

Recent Posts

Hi
I am not able to authenticate using OpenSSO & Liferay .
I was debugging the class OpenSSOAutoLogin.java which has following line of code-

String subjectId = (String)ses.getAttribute(WebKeys.OPEN_SSO_LOGIN);
//print statement added by me .
System.out.println("subjectId:" + subjectId);

if (subjectId == null) {
return credentials;
}


what is happening here , subjectid is coming as null from session because of that program is returning.

Can any body help what is this session variable OPEN_SSO_LOGIN does . do i need to set this variable by myself.


regards
Arvind Mishra
dog bert
RE: OpenSSO & Liferay
February 27, 2008 2:02 PM
Answer

dog bert

Rank: New Member

Posts: 20

Join Date: February 7, 2008

Recent Posts

Arvind Mishra:
Hi
I am not able to authenticate using OpenSSO & Liferay .
I was debugging the class OpenSSOAutoLogin.java which has following line of code-

String subjectId = (String)ses.getAttribute(WebKeys.OPEN_SSO_LOGIN);
//print statement added by me .
System.out.println("subjectId:" + subjectId);

if (subjectId == null) {
return credentials;
}


what is happening here , subjectid is coming as null from session because of that program is returning.

Can any body help what is this session variable OPEN_SSO_LOGIN does . do i need to set this variable by myself.


regards
Arvind Mishra


the session variable is supposed to store the OpenSSO tokenID after you log in from the Federation Access Manager. I am actually trying to figure out the whole OpenSSO and Liferay bug as well. As you stated, the Session variable is never created. If you are able to look into your cookies, you'd see the cookie iPlanetDirectory where the session variable gets it's value from is created after you login OpenSSO. The problem seems to be that the function which should be creating the session variable is never called. This is supposed to be done through the autologin.hook filters. That's as far as I have gotten.

As for what the session variable is used for, as far as I can tell, it's used to pull the user information from OpenSSO and create a Liferay user to log in as. It uses the REST authentication method to pull the user's id, name, password, email address, etc.
Arvind Mishra
RE: OpenSSO & Liferay
February 28, 2008 12:22 PM
Answer

Arvind Mishra

Rank: Regular Member

Posts: 224

Join Date: February 13, 2008

Recent Posts

Hi

this session variable is set in OpenSSOFilter.java.

String cookieName = PrefsPropsUtil.getString(
companyId, PropsUtil.OPEN_SSO_SUBJECT_COOKIE_NAME,
PropsValues.OPEN_SSO_SUBJECT_COOKIE_NAME);



This will get the cookie value which we will set in the settings of Enterprise Admin.

protected boolean isAuthenticated(
HttpServletRequest req, String cookieName) {

String cookieValue = CookieUtil.get(req.getCookies(), cookieName);
if (Validator.isNotNull(cookieValue)) {
HttpSession ses = req.getSession();
ses.setAttribute(WebKeys.OPEN_SSO_LOGIN, cookieValue);
return true;
}
else {
return false;
}
}


inside this method it checks for the same coookie from the request which is coming from Fed Access manager . If cookie is not coming from FAM its value will be set to null , which is what exactly happening.

I am in communication with openSSO guys , trying to figure out whether problem is with openSSO or Liferay side.
dog bert
RE: OpenSSO & Liferay
February 29, 2008 6:48 PM
Answer

dog bert

Rank: New Member

Posts: 20

Join Date: February 7, 2008

Recent Posts

It seems to be on the Liferay end. Here's the actual error message from the server log.

ERROR [OpenSSOAutoLogin:185] no content-type


This happens once the code picks up the cookie and session variable. Which for me, right now takes me having to press the "sign-in" button -> going to OpenSSO and logging in -> redirect back to liferay still not logged in -> choose sign-in from the drop-down menu again -> then I see this error message.

The liferay code isn't able to pull the user profile from the OpenSSO REST call when it does the connection.

Taking a closer look at Prashant Dighe's blog entry integrating both, it seems someone did run into the same problem as he posted a comment about. Unfortunately, nothing came about from it.

If possible, keep me updated on what the OpenSSO guys say.

Thanks.
Arvind Mishra
RE: OpenSSO & Liferay
March 3, 2008 1:22 PM
Answer

Arvind Mishra

Rank: Regular Member

Posts: 224

Join Date: February 13, 2008

Recent Posts

Hi

Yup , i am also getting same error.

Will let you know , if i will figure out some solution.

Thanks & Regards
Arvind Mishra
dog bert
RE: OpenSSO & Liferay
March 4, 2008 12:57 PM
Answer

dog bert

Rank: New Member

Posts: 20

Join Date: February 7, 2008

Recent Posts

great! also, on a slightly unrelated matter, were you planning on writing new code to do the authorization piece as the integrated code does not do authorization? looking at what it does do, it just creates a liferay user and dumps then into the power user role.

we're slowly planning on moving away from opensso as the integration does not have that part and we won't have time to code it. though, i believe that REST is not the way to go now as the problem can be fixed by using the SOAP/Web Services interface instead of REST.