Foros de discusión

  1. Inicio
  2. Development
  3. auth.pipeline.enable.liferay.check not working (Custom Auth System)

auth.pipeline.enable.liferay.check not working (Custom Auth System)

thumbnail
Manuel de la Peña, modificado hace 13 años.

auth.pipeline.enable.liferay.check not working (Custom Auth System)

Regular Member Mensajes: 116 Fecha de incorporación: 4/12/08 Mensajes recientes
Hello!

i'm trying to implement a custom login in Liferay 5.2.3, and i'm just a bit lost with the strategy to follow:
  • Login portlet: develop an struts portlet to login to my systems.
  • Login Hook: override login liferay (JSP and maybe portal.properties)
  • Implement Authenticator to get SUCCESS or FAILURE, but i dont' need to authenticate by emailAddress, screenName, or userId, because i want to authenticate to my custom system.

I'm playing with those properties to override in portal.properties are:
  • auth.pipeline.pre
  • auth.login.portlet.name
  • auth.pipeline.enable.liferay.check

The problem I see with the portlet is: How can my portlet reach portal-impl classes to really authenticate against Liferay system (to recognize user is signed-in)? My custom-login-portlet hasn't access to that classes... Or maybe i'm wrong?

Thanks in advance!!
thumbnail
Manuel de la Peña, modificado hace 13 años.

RE: Custom Auth System

Regular Member Mensajes: 116 Fecha de incorporación: 4/12/08 Mensajes recientes
Hello,
i'm confused about portal-ext.properties:
Entry "auth.pipeline.enable.liferay.check=false" is not working for me.

It always validate against Liferay user_ table (and passwords), and I've my old passwords stored in another encryption manner, so each one is different.

My questions are:

  • How could i avoid Liferay Login System, using custom mine?
  • If it is not possible, how can i use my passwords??
thumbnail
Manuel de la Peña, modificado hace 13 años.

auth.pipeline.enable.liferay.check not working

Regular Member Mensajes: 116 Fecha de incorporación: 4/12/08 Mensajes recientes
Definitively, that property (auth.pipeline.enable.liferay.check) is not working for me.

My scenario:

auth.pipeline.pre=com.package.MyCustomLoginAuth (implements com.liferay.portal.security.auth.Authenticator)

and 
auth.pipeline.enable.liferay.check=false


And ALWAYS validate against Liferay users table
This is the stack:
LoginAction.processAction(ActionMapping, ActionForm, PortletConfig, ActionRequest, ActionResponse) line: 88
LoginUtil.login(HttpServletRequest, HttpServletResponse, String, String, boolean, String) line: 165
UserLocalServiceUtil.authenticateByScreenName(long, String, String, Map<string,string[]>, Map<string,string[]>) line: 174</string,string[]></string,string[]>

The first one throws NoSuchUserException

com.liferay.portal.NoSuchUserException: No User exists with the key {companyId=1, screenName=XXXXXX}

so i'm lost with this Custom Auth System

Helps are thanked

Thanks in advance
Manuel
thumbnail
Manuel de la Peña, modificado hace 13 años.

RE: auth.pipeline.enable.liferay.check not working

Regular Member Mensajes: 116 Fecha de incorporación: 4/12/08 Mensajes recientes
Oppssss!!!

It's working with a clean installation of liferay. I've tried with it, and the auth.pipeline.enable.liferay.check=false works.

It's responsability of my custom auth system the Authenticator.SUCCESS.

But, hat is happening with my old system?

Is it stored in Database and the portal is not able to override it? Anybody knows?

Thanks!
Adolfo Escolano, modificado hace 13 años.

RE: auth.pipeline.enable.liferay.check not working

Junior Member Mensajes: 27 Fecha de incorporación: 31/01/11 Mensajes recientes
Hello Manuel,

Can you share how you develop your MyCustomLoginAuth class?

Will be helpful!

Thanks!
thumbnail
Manuel de la Peña, modificado hace 13 años.

ScreenName and Login Problems

Regular Member Mensajes: 116 Fecha de incorporación: 4/12/08 Mensajes recientes
Hello everybody.

I'll write my solution but i will expose the problem i've found over it.

Enviroment
  • Liferay 5.2.3
  • Tomcat 5.5.27
  • Oracle

Properties
  • company.security.auth.type=screenName
  • users.screen.name.validator=my.package.MyUserValidator
  • auth.pipeline.pre=my.package.MyPreAuth
  • auth.pipeline.enable.liferay.check=false
  • login.events.post=my.package.MyLoginPost,com.liferay.portal.events.DefaultLandingPageAction
  • passwords.toolkit=my.package.MyPasswordToolKit

Code

public class MyLoginAuth implements Authenticator
{
	private static Log _log = LogFactoryUtil.getLog(JCCMLoginAuth.class);
        ...
        protected int authenticate( long companyId, String emailAddress, String screenName, 
                                long userId, String password, Map<string, string[]> headerMap, 
                                Map<string, string[]> parameterMap) 
        throws AuthException
    {
        int result = Authenticator.FAILURE;        
        _log.debug("Looking for ["+screenName+"]");      
        
        try
        {
           //calls to my custom auth system
            _log.debug("User ["+screenName+"] found");
            result = Authenticator.SUCCESS;
        }
        catch(LoginFailException e)
        {
            _log.error("Login failed for user ["+screenName+"]");
            result = Authenticator.FAILURE;
        }
        
        return result ;
    }
}
</string,></string,>

I've succeeded building my CAS (Custom Auth System, not Central Auth System, maybe it's wrong to use the same abbreviations), but...

The problem
  • My screenNames are alfanumeric IDs, the most probably with zeros before (03450123T). So an user could logon in the system writing his/her ID with or without zeros.
  • Because Liferay validates the screenName against the screenName stored in USER_ table, the login process return FAILURE if the user write his/her ID without zeros (i.e.: 03450123T or 3450123T would be the same ID, but not for Liferay)

How could i solve this issue?

Many thanks