Forums de discussion
LDAPAuth hook
Shiho Pingali, modifié il y a 10 années.
LDAPAuth hook
New Member Publications: 12 Date d'inscription: 20/12/11 Publications récentes
I am working on LDAPAuth hook to customize LDAP authentication for 6.1.1 glassfish bundle. I followed the user guide and the code is working but deployment of this hook has not been consistent in different server environment. Does it matter that the configuration, auth.pipeline.pre=MyLDAPAuth, are in portal-ext.properties or portal.properties file in the hook declared in liferay-hook.xml? If the above configuration is in portal-ext.properties, where does the class loader look for the class? I was getting ClassNotFoundException for MyLDAPAuth class with the following stack trace, looks like it is throwing this exception at authentication time:
ERROR com.liferay.portal.kernel.util.InstancePool - Unable to load org.abc.def.liferay.login.auth.MyLDAPAuth with the portal class loader or the current context class loader
java.lang.ClassNotFoundException: org.abc.def.liferay.login.auth.MyLDAPAuth
at org.glassfish.web.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1509)
at org.glassfish.web.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1359)
at com.liferay.portal.kernel.util.InstancePool._get(InstancePool.java:92)
at com.liferay.portal.kernel.util.InstancePool._get(InstancePool.java:59)
at com.liferay.portal.kernel.util.InstancePool.get(InstancePool.java:33)
at com.liferay.portal.security.auth.AuthPipeline.<init>(AuthPipeline.java:151)
at com.liferay.portal.security.auth.AuthPipeline.<clinit>(AuthPipeline.java:338)
at com.liferay.portal.service.impl.UserLocalServiceImpl.authenticate(UserLocalServiceImpl.java:4892)
at com.liferay.portal.service.impl.UserLocalServiceImpl.authenticateByScreenName(UserLocalServiceImpl.java:890)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:112)
at com.liferay.portal.spring.transaction.TransactionInterceptor.invoke(TransactionInterceptor.java:71)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:59)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:59)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:59)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ServiceBeanAopProxy.invoke(ServiceBeanAopProxy.java:211)
at $Proxy233.authenticateByScreenName(Unknown Source)
at com.liferay.portal.service.UserLocalServiceUtil.authenticateByScreenName(UserLocalServiceUtil.java:607)
at com.liferay.portlet.login.util.LoginUtil.getAuthenticatedUserId(LoginUtil.java:160)
at com.liferay.portlet.login.util.LoginUtil.login(LoginUtil.java:243)
at com.liferay.portlet.login.action.LoginAction.login(LoginAction.java:189)
This was happening only in one server environment. When we cleared osgi-cache and restarted the server, this exception was gone, but not always. Could someone tell me why class loader is looking for MyLDAPAuth class in osgi-cache? How can we turn that off? Could someone tell me how does the AuthPipeline class find the correct implementation of Authenticator class at run time, what is the "InstancePool", how does it work?
ERROR com.liferay.portal.kernel.util.InstancePool - Unable to load org.abc.def.liferay.login.auth.MyLDAPAuth with the portal class loader or the current context class loader
java.lang.ClassNotFoundException: org.abc.def.liferay.login.auth.MyLDAPAuth
at org.glassfish.web.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1509)
at org.glassfish.web.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1359)
at com.liferay.portal.kernel.util.InstancePool._get(InstancePool.java:92)
at com.liferay.portal.kernel.util.InstancePool._get(InstancePool.java:59)
at com.liferay.portal.kernel.util.InstancePool.get(InstancePool.java:33)
at com.liferay.portal.security.auth.AuthPipeline.<init>(AuthPipeline.java:151)
at com.liferay.portal.security.auth.AuthPipeline.<clinit>(AuthPipeline.java:338)
at com.liferay.portal.service.impl.UserLocalServiceImpl.authenticate(UserLocalServiceImpl.java:4892)
at com.liferay.portal.service.impl.UserLocalServiceImpl.authenticateByScreenName(UserLocalServiceImpl.java:890)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:112)
at com.liferay.portal.spring.transaction.TransactionInterceptor.invoke(TransactionInterceptor.java:71)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:59)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:59)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:59)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ServiceBeanAopProxy.invoke(ServiceBeanAopProxy.java:211)
at $Proxy233.authenticateByScreenName(Unknown Source)
at com.liferay.portal.service.UserLocalServiceUtil.authenticateByScreenName(UserLocalServiceUtil.java:607)
at com.liferay.portlet.login.util.LoginUtil.getAuthenticatedUserId(LoginUtil.java:160)
at com.liferay.portlet.login.util.LoginUtil.login(LoginUtil.java:243)
at com.liferay.portlet.login.action.LoginAction.login(LoginAction.java:189)
This was happening only in one server environment. When we cleared osgi-cache and restarted the server, this exception was gone, but not always. Could someone tell me why class loader is looking for MyLDAPAuth class in osgi-cache? How can we turn that off? Could someone tell me how does the AuthPipeline class find the correct implementation of Authenticator class at run time, what is the "InstancePool", how does it work?
Tonu Sri, modifié il y a 10 années.
RE: LDAPAuth hook
Regular Member Publications: 197 Date d'inscription: 15/04/11 Publications récentes
Hi Shiho,
You should define class with package path for example:
auth.pipeline.pre= org.abc.def.liferay.login.auth.MyLDAPAuth
If you are defining in portal-ext.properties file, you should have class available in classpath (WEB-INF/classes)
If you are working with HOOK, then your class will be inside your project and configuration will be inside portal.properties inside hook.
I will recommend to use HOOK and define your class with proper package path.
Thanks:
Tonu
You should define class with package path for example:
auth.pipeline.pre= org.abc.def.liferay.login.auth.MyLDAPAuth
If you are defining in portal-ext.properties file, you should have class available in classpath (WEB-INF/classes)
If you are working with HOOK, then your class will be inside your project and configuration will be inside portal.properties inside hook.
I will recommend to use HOOK and define your class with proper package path.
Thanks:
Tonu
Shiho Pingali, modifié il y a 10 années.
RE: LDAPAuth hook
New Member Publications: 12 Date d'inscription: 20/12/11 Publications récentes
Thank you, I checked my properties file and I did have class path (sorry my description was not accurate). So now I would like to share my experiments and why I'm confused. Before I posted in this forum, I suspected that adding it to portal.properties in hook might help. So I tried that and this is what happened.
1. I removed the configuration from portal-ext first and then added to portal.properties in my hook
2. When I tried to log in with correct credential, it worked and I could see that my custom LDAP auth class was executed.
3. I tried the wrong password next and authentication failed. But the stack trace shows that liferay's LDAPAuth class was executed:
at com.liferay.portal.security.auth.LDAPAuth.authenticate(LDAPAuth.java:148)
at com.liferay.portal.security.auth.LDAPAuth.authenticate(LDAPAuth.java:261)
at com.liferay.portal.security.auth.LDAPAuth.authenticate(LDAPAuth.java:355)
at com.liferay.portal.security.auth.LDAPAuth.authenticateByScreenName(LDAPAuth.java:90)
at com.liferay.portal.security.auth.AuthPipeline._authenticate(AuthPipeline.java:228)
at com.liferay.portal.security.auth.AuthPipeline.authenticateByScreenName(AuthPipeline.java:49)
3. Then I was not sure why but tried adding back the auth.pipeline.pre in portal-ext file, at this point, I have configuration in both places.
4. I tried log in with correct password - went to my class
5. I tried log in with wrong password - went to my class!
6. Currently I have the configuration in both places but I would like to know why it matters.
1. I removed the configuration from portal-ext first and then added to portal.properties in my hook
2. When I tried to log in with correct credential, it worked and I could see that my custom LDAP auth class was executed.
3. I tried the wrong password next and authentication failed. But the stack trace shows that liferay's LDAPAuth class was executed:
at com.liferay.portal.security.auth.LDAPAuth.authenticate(LDAPAuth.java:148)
at com.liferay.portal.security.auth.LDAPAuth.authenticate(LDAPAuth.java:261)
at com.liferay.portal.security.auth.LDAPAuth.authenticate(LDAPAuth.java:355)
at com.liferay.portal.security.auth.LDAPAuth.authenticateByScreenName(LDAPAuth.java:90)
at com.liferay.portal.security.auth.AuthPipeline._authenticate(AuthPipeline.java:228)
at com.liferay.portal.security.auth.AuthPipeline.authenticateByScreenName(AuthPipeline.java:49)
3. Then I was not sure why but tried adding back the auth.pipeline.pre in portal-ext file, at this point, I have configuration in both places.
4. I tried log in with correct password - went to my class
5. I tried log in with wrong password - went to my class!
6. Currently I have the configuration in both places but I would like to know why it matters.