« Back

SSO via Facebook

Staff Blogs August 17, 2010 By Wilson Man Staff

Liferay 6.0 now comes with an additional Single Sign-On option - Facebook SSO using OAuth 2.0.  Setup is quite easy.  Let me walk you through the steps below.

1. In order for Facebook SSO to work, you first have to have a Facebook application account.  If you don't already have one, you can get more information here: developers.facebook.com/docs/guides/web

2. Once you have a Facebook application account (and ID), you'll need to edit settings under the Web Site tab.  Fill in the Site URL text field and the Site Domain text field.  If you're testing locally, you can set the Site URL as http://localhost:8080 and the Site Domain to be localhost.  I've added an entry in my hosts file, so lportal.com would hit my local tomcat at port 8080.  Below is an example of what I've entered.  Click Save when you're done with your settings.  Note: If you do change your domain, make sure you update all the relevant areas.

  • Facebook side (pictured below)
  • Liferay side (Control Panel -> Settings -> Authentication -> Facebook -> Redirect URL
  • Community Virtual Host (Control Panel -> Community -> Actions button -> Settings -> public domain)
  • your local environment's host file (i mapped 127.0.0.1 to lportal.com)

Facebook Connect Settings

3. After entering these settings on the Facebook side, you now need to configure your Liferay portal.  First, log in with your administrator account.  Go to the Control Panel.  On the left menu under the instance you want to enable Facebook SSO, click on Settings.  Then click Authentication on the right menu, and lastly click on Facebook.  In this section, you want to first check the checkbox to enable Facebook SSO.  Next, fill in the Application ID which is a numeric ID (not to be confused with the application key), the Application Secret (don't tell/show anyone this), and lastly, update the domain part of the Redirect URL if not using localhost (I changed mine from localhost to lportal.com).  Below is what I've entered.  Click Save when you're finished.  (If you're not using localhost, make sure you've already updated the community's public virtual host, AND that you're accessing the site using this virtual host domain.)

Liferay Portal Authentication Facebook Settings

4. Now you're ready to test it.  Log out of your administrator account in Liferay portal.  When you're on the login page, you should now see the Facebook link under the password field.

5. Clicking on the Facebook link should do one of two things.  If your browser already has a Facebook session, it will try to log you in with that Facebook account.  If no Facebook session exists on your browser, it will prompt you to login with your Facebook credentials.  Once you've granted access, Liferay portal will ask Facebook for the primary email address of that account you logged in with.  Liferay portal will search its database for that email address.  If found, it'll log you in automatically, if not, you will see the prompt below.

6. User can choose to create an account on your Liferay portal simply by clicking the Add Account button.  Liferay will then ask Facebook for the first name, last name, gender, and email address of the account.  It will also ask whether the account is validated by Facebook for security reasons.

NOTE: if your Facebook application you setup earlier is in Sandbox mode, only the developers of your Facebook application listed will be able to login successfully.

7. That's all there is to it!  Your users can now login with their Facebook credentials to your site!  If they don't already have an account on your site, sign up is that much easier.

 

We plan to add additional features in the near future.  Here's a list of them so far:

  • Allow Liferay accounts to link to Facebook accounts by facebook user ID (so email addresses don't need to be the same).
  • Make it configurable whether the Add Account option should be presented to user if no accounts were found on Liferay portal.
  • For the add account feature, also ask Facebook for user's birthday.  This will be configurable whether birthday is required.

Update 2/23/2011: Since the Facebook "My App" interface has changed, I've taken a new screenshot and replaced the old one with the new.

Trackback URL:

20239 Views, 74 Comments

Threaded Replies Author Date
Great post Wilson, thanks for the sharing this... Jeffrey Handa August 18, 2010 1:10 AM
Thanks, this is interesting and useful feature. Sampsa Sohlman August 18, 2010 2:25 AM
Awesome feature and very nicely explained! Sandeep Nair August 18, 2010 3:44 AM
nice feature! Jonas Yuan August 18, 2010 10:18 AM
Hi Wilson, Thanks. This is nice feature! Do... Jonas Yuan August 18, 2010 10:25 AM
hi Jonas, it's something we're interested in... Wilson Man August 18, 2010 2:28 PM
fascinating! Archi Madhu August 18, 2010 12:58 PM
Great Post,could you please help me how to do... M. Ahamed Maqbool August 18, 2010 8:29 PM
greate !!! thanks Wilson, know that we are... Gabriel Leon Leyva August 19, 2010 7:44 AM
i believe so. i'll have to review the API, it... Wilson Man August 20, 2010 8:40 AM
hi M. Ahamed, I'm not as familiar with those... Wilson Man August 20, 2010 8:39 AM
Hi Wilson Man, thank you for replay we could... M. Ahamed Maqbool August 21, 2010 8:25 AM
This will come handy . Thanks for sharing Dhananjay Tiwari August 19, 2010 10:58 AM
This feature is great and I've already enabled... Andrew Tillinghast August 19, 2010 5:46 PM
Andrew, are you using the... Wilson Man August 20, 2010 8:41 AM
In Liferay 6.0.4, via control... Andrew Tillinghast August 20, 2010 9:03 AM
i see, i'm on 6.0.5 and will have to check with... Wilson Man August 20, 2010 9:08 AM
This is all kinds of awesome. Thanks! Joshua Asbury August 20, 2010 11:04 AM
This is so cool , great feature to attract more... Abhishek Saxena August 21, 2010 6:18 AM
Xcellent work ... zaheer mohammed saddapalli August 25, 2010 3:07 AM
great feature! If using exclusively this method... Philippe Dias September 30, 2010 1:31 AM
hi wilson, I tried to use the SSO via... Ernst Blaas October 13, 2010 2:09 PM
Hi Enric, I did some investigation on this and... Ravikant Kumar October 14, 2010 12:11 AM
thanks Ernst and Ravikant for bringing this to... Wilson Man October 14, 2010 3:49 PM
actually, i just tested it, and it's working... Wilson Man October 14, 2010 4:33 PM
Making it configurable would be a good idea.... Ravikant Kumar October 14, 2010 7:54 PM
Hi, we're stuck on the same issue of Zhou Wu... Adolfo Benedetti February 23, 2011 3:10 AM
thank you all for reporting this issue to me... Wilson Man February 23, 2011 7:33 AM
in rev 73726 facebook option doesnt work. Gabriel Leon Leyva February 23, 2011 7:42 AM
hi All, I've gotten a chance this morning to... Wilson Man February 23, 2011 10:31 AM
Hey Wilson ! Well the issue remains persistent.... Abhay Doshi February 24, 2011 11:35 PM
hi Abhay, thanks for your feedback. With... Wilson Man March 1, 2011 3:42 PM
Where does the screenshot in step 2 come from?... Zhou Wu December 3, 2010 12:04 PM
it's on facebook. Wilson Man December 3, 2010 12:05 PM
Thanks. However, I just couldn't make it work... Zhou Wu December 16, 2010 4:02 PM
Same problem here. Balázs Jilling December 18, 2010 4:44 AM
Hi. On the second screenshot you have Facebook... Alexey Davidovich February 1, 2011 6:11 AM
Problem is solved. I get confused with archives... Alexey Davidovich February 2, 2011 2:45 AM
Very nice. Kenneth Yeung February 2, 2011 8:37 AM
Hi Wilson, I am getting following error when... Gaurav Jain February 16, 2011 10:41 PM
hey Gaurav, i'll try my best to take a look... Wilson Man February 17, 2011 10:32 AM
Hey Wilson ! Great tutorial :) I'm being able... Abhay Doshi February 22, 2011 8:36 PM
Hi, thanks for this feature! Is it possible to... Vaclav Balak March 1, 2011 8:58 AM
hi Vaclav, the access token is stored as a... Wilson Man March 1, 2011 3:43 PM
Hi Wilson, thanks for your reply. I'm trying to... Vaclav Balak March 2, 2011 6:03 AM
Hi Vaclav, I think you need to add this to... Wilson Man March 2, 2011 8:53 AM
Hi Wilson, thanks for reply again. I tried to... Vaclav Balak March 3, 2011 1:58 AM
hi Vaclav, i haven't gotten a chance to look... Wilson Man March 7, 2011 10:15 AM
hi Wilson, in the portal properties in control... Vaclav Balak March 11, 2011 6:44 AM
hi Vaclav, got a chance to look into this issue... Wilson Man March 14, 2011 10:09 AM
Vaclav, i've gotten a chance to investigate a... Wilson Man March 16, 2011 10:50 PM
I thank you for dealing with that, i'll be... Vaclav Balak March 17, 2011 9:24 AM
try String token =... Andreas Kang March 9, 2011 5:12 AM
Thanks for tip Andreas, but it's still null... Vaclav Balak March 11, 2011 6:59 AM
Hello, I am having the same problem as some... Adam Eri August 2, 2011 1:06 PM
hey Adam, the bug has been resolved in trunk... Wilson Man August 3, 2011 8:29 PM
Hi Wilson, actually i have Liferay 6.0.6 and i... Lina Margarita Holguin October 14, 2011 1:38 PM
Hi Wilson again. I entered in your profile and... Lina Margarita Holguin October 14, 2011 2:54 PM
Hi Wilson good works. I have the same problem,... Jossimar de Leon October 15, 2011 9:23 AM
Hi to all, what is the revision in the trunk... Lina Margarita Holguin October 17, 2011 1:54 PM
hey Lina and Jossimar, I don't have the... Wilson Man October 17, 2011 2:20 PM
Thanks Wilson Man, in this moment i'm... Lina Margarita Holguin October 17, 2011 6:22 PM
Hi Wilson i downloaded liferay 6.1 beta3... Lina Margarita Holguin October 17, 2011 9:36 PM
hi Lina, I've created this ticket that captures... Wilson Man October 18, 2011 12:13 PM
Hey Wilson i have the question i need get the... Cristian Chaparro October 18, 2011 12:30 PM
hi Cristian, if you're trying to get a URL... Wilson Man October 19, 2011 10:55 PM
How i fix the bug in Facebook SSO ?? :( Lina Margarita Holguin November 8, 2011 12:03 PM
Hi Lina, if you are still facing this issue... Carlos Sierra Andrés December 20, 2011 8:33 AM
I have having the same problem as Lina. I have... Carlos Sierra Andrés December 21, 2011 3:23 AM
Yes Carlos Sierra Andrés, are problems with the... Lina Margarita Holguin February 25, 2012 10:38 AM
[...] Hello, I've configured a facebook account... Anonymous April 6, 2012 11:38 AM
[...] Hi, It is not as straightforward as just... Anonymous May 2, 2012 8:36 AM
I am not getting that facebook setting page, i... Praveen P June 20, 2012 11:51 PM
Hi Wilson! I'm using this portlet with Liferay... Sandro Rizzuto March 1, 2013 8:15 AM

Jeffrey Handa
Great post Wilson, thanks for the sharing this information!
Posted on 8/18/10 1:10 AM.
Sampsa Sohlman
Thanks, this is interesting and useful feature.
Posted on 8/18/10 2:25 AM.
Sandeep Nair
Awesome feature and very nicely explained!
Posted on 8/18/10 3:44 AM.
Jonas Yuan
nice feature!
Posted on 8/18/10 10:18 AM.
Jonas Yuan
Hi Wilson, Thanks. This is nice feature!

Do you have any plan on SSO via Twitter?
Posted on 8/18/10 10:25 AM in reply to Jonas X. Yuan.
Archi Madhu
fascinating!
Posted on 8/18/10 12:58 PM.
Wilson Man
hi Jonas, it's something we're interested in implementing sometime in the future also.
Posted on 8/18/10 2:28 PM in reply to Jonas X. Yuan.
M. Ahamed Maqbool
Great Post,could you please help me how to do the same with other Social Networks like Flicker,youtube,Buzz,Twitter,etc..
Posted on 8/18/10 8:29 PM.
Gabriel Leon Leyva
greate !!! thanks Wilson, know that we are logged to facebook, can we have facebook wall or images in liferay? is there a way to do that?

thanks a lot for the info. Greate Job!!
Posted on 8/19/10 7:44 AM in reply to M. Ahamed Maqbool.
Dhananjay Tiwari
This will come handy .
Thanks for sharing
Posted on 8/19/10 10:58 AM.
Andrew Tillinghast
This feature is great and I've already enabled it with the site I'm currently developing. However, when a user logs into the portal with facebook after creating an account they are taken back to the current page and not to the default landing page.
Posted on 8/19/10 5:46 PM.
Wilson Man
hi M. Ahamed, I'm not as familiar with those APIs, but if you have specific questions regarding their integration, feel free to ask them in our forums and we'll do our best to shed some light when possible!
Posted on 8/20/10 8:39 AM in reply to M. Ahamed Maqbool.
Wilson Man
i believe so. i'll have to review the API, it may be possible via their Graph API (also through their JavaScript API)
Posted on 8/20/10 8:40 AM in reply to Gabriel Leon Leyva.
Wilson Man
Andrew, are you using the "default.landing.page.path" property to set the landing page? I just tried it and you're right, it doesn't land on that page after autologin, but it also doesn't land there after normal login for me, are you experiencing the same for normal login?
Posted on 8/20/10 8:41 AM in reply to Andrew Tillinghast.
Andrew Tillinghast
In Liferay 6.0.4, via control Panel.portal.settings.Navigation.Default Landing Page I have set "/web/members/home". When logging in via the normal email/pass combo the landing page is handled correctly, when login with facebook the user returns to the current page, just authenticated.
Posted on 8/20/10 9:03 AM in reply to Wilson Man.
Wilson Man
i see, i'm on 6.0.5 and will have to check with the core team. thanks for the feedback!
Posted on 8/20/10 9:08 AM in reply to Andrew Tillinghast.
Joshua Asbury
This is all kinds of awesome. Thanks!
Posted on 8/20/10 11:04 AM in reply to Wilson Man.
Abhishek Saxena
This is so cool , great feature to attract more site traffic
Thanks for configuration steps
Posted on 8/21/10 6:18 AM.
M. Ahamed Maqbool
Hi Wilson Man, thank you for replay we could Reference this pages.
Twitter:http://dev.twitter.com/pages/sign_in_with_twitter
Flicker:Reference­ link : http://www.flickr.com/services/api/
Youtube:http://code.google.com/apis/youtube/2­.0/reference.html
Buzz:http://code.google.com/apis/buzz/v1/getting_started.html
Posted on 8/21/10 8:25 AM in reply to Wilson Man.
zaheer mohammed saddapalli
Xcellent work ...
Posted on 8/25/10 3:07 AM.
Philippe Dias
great feature! If using exclusively this method of authentication, I guess I don´t need a LDAP as there are no credentials to store, right?

thank you
Posted on 9/30/10 1:31 AM.
Ernst Blaas
hi wilson,

I tried to use the SSO via Facebook, but after clicking "Add Account" nothing happens.
No user added, no login

Any Idea?

I'm testing on localhost:8080, liferay 6.0.5

btw. the facebook form for Application registration has changed
Posted on 10/13/10 2:09 PM.
Ravikant Kumar
Hi Enric,

I did some investigation on this and this is what I could figure out:

The FacebookConnectAction class performs all actions related to facebook SSO login. This
class expects a boolean parameter 'verified' in the jsonObject received from Facebook, but this parameter is somehow not being received and it returns from the following lines without doing anything:

if (!jsonObject.getBoolean("verified")) {
return;
}

I just commented the above lines (twice in the code) and it worked for me. Also, the size of the email column in the _user table needs to be increased to accommodate dynamically generated email id which is larger than default column size.

Thanks,
Ravikant
Posted on 10/14/10 12:11 AM in reply to Ernst Blaas.
Wilson Man
thanks Ernst and Ravikant for bringing this to my attention. I will test this later this week.
Posted on 10/14/10 3:49 PM in reply to Ravikant Kumar.
Wilson Man
actually, i just tested it, and it's working fine for me. the "verified" is still returned by FB. you probably need to have a valid FB account for this to work. If you think there's a case where we may want to allow "unverified" FB accounts to work, let me know and I can make that configurable.
Posted on 10/14/10 4:33 PM in reply to Wilson Man.
Ravikant Kumar
Making it configurable would be a good idea. Like us, who are not sure what is wrong with our FB accounts, this issue can bother others too.

Will discuss this issue with FB support to know what may be causing this.

Thanks
Posted on 10/14/10 7:54 PM in reply to Wilson Man.
Zhou Wu
Where does the screenshot in step 2 come from? Is it from facebook site or liferay web portal? Please help.
Posted on 12/3/10 12:04 PM.
Wilson Man
it's on facebook.
Posted on 12/3/10 12:05 PM in reply to Zhou Wu.
Zhou Wu
Thanks. However, I just couldn't make it work for me. At some point, it did direct me to facebook page asking for permission when I tested with my facebook account. Now every time I click the facebook button on the login page, it simple returns the original page showing "sign in" page. What could be wrong here?
Posted on 12/16/10 4:02 PM in reply to Wilson Man.
Balázs Jilling
Same problem here.
Posted on 12/18/10 4:44 AM in reply to Zhou Wu.
Alexey Davidovich
Hi. On the second screenshot you have Facebook button in authentification section. I have just downloaded liferay-tomcat-portal (version 6.0.5), installed it and in authentification section I have no any facebook button. What is wrong? Can you help me? Thanks.
Posted on 2/1/11 6:11 AM.
Alexey Davidovich
Problem is solved. I get confused with archives and used earlier version of liferay. I have setup last version of liferay and everything is OK.
Posted on 2/2/11 2:45 AM in reply to Alexey Davidovich.
Kenneth Yeung
Very nice.
Posted on 2/2/11 8:37 AM.
Gaurav Jain
Hi Wilson,

I am getting following error when trying to do facebook login:
{code}
ERROR [jsp:154] com.liferay.portal.security.auth.PrincipalException: /home?p_auth=TtY5d06h&p_p_id=58&p_p_lifecycle=1&p_p_state=normal&p_p_mode=view&p­_p_col_id=column-1&p_p_col_count=1&_58_struts_action=%2Flogin%2Ffacebook_connect­&_58_redirect=http%3A%2F%2Fdemo.componence.com%2Fhome%3Bjsessionid%3D41F0CD9814F­2575F89983DED0100F5C1%3Fp_p_id%3D58%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p­_p_mode%3Dview%26p_p_col_id%3Dcolumn-1%26p_p_col_count%3D1%26_58_struts_action%3­D%252Flogin%252Ffacebook_connect_add_user
at com.liferay.portal.struts.PortletRequestProcessor.process(PortletRequestProcesso­r.java:164)
at com.liferay.portlet.StrutsPortlet.processAction(StrutsPortlet.java:186)
at com.liferay.portlet.FilterChainImpl.doFilter(FilterChainImpl.java:70)
at com.liferay.portal.kernel.portlet.PortletFilterUtil.doFilter(PortletFilterUtil.j­ava:48)
at com.liferay.portlet.InvokerPortletImpl.invoke(InvokerPortletImpl.java:652)
at com.liferay.portlet.InvokerPortletImpl.invokeAction(InvokerPortletImpl.java:687)­
at com.liferay.portlet.InvokerPortletImpl.processAction(InvokerPortletImpl.java:360­)
at com.liferay.portal.action.LayoutAction.processPortletRequest(LayoutAction.java:7­68)
at com.liferay.portal.action.LayoutAction.processLayout(LayoutAction.java:571)
at com.liferay.portal.action.LayoutAction.execute(LayoutAction.java:229)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.­java:431)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
at com.liferay.portal.struts.PortalRequestProcessor.process(PortalRequestProcessor.­java:152)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at com.liferay.portal.servlet.MainServlet.callParentService(MainServlet.java:508)
at com.liferay.portal.servlet.MainServlet.service(MainServlet.java:485)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilt­erChain.java:290)
{code}

I am using liferay version ce 6.0.5
I added a facebook application.
Enabled facebook login and updated add_id,secret_key,redirect_url.

Now on login portlet, clicked to facebook login.. redirected to facebook.. allowed my app, back to my portal, clicked add account button. then after it redirected me back to sign in page without making me signed in.
And with this exception in the logs.

However my user has been added in the users table.
Posted on 2/16/11 10:41 PM.
Wilson Man
hey Gaurav, i'll try my best to take a look when I get a chance. sounds like the problem has to do with the auto-login after everything was validated.
Posted on 2/17/11 10:32 AM in reply to Gaurav Jain.
Abhay Doshi
Hey Wilson ! Great tutorial emoticon

I'm being able to authenticate and log users in (via Facebook) but the default.landing.page.path seems to have become ineffective. I've also set auth.forward.by.last.path to true. But post successful login, I am unable to redirect the user to a page of my choosing. Can you help me here ?
Posted on 2/22/11 8:36 PM.
Adolfo Benedetti
Hi,

we're stuck on the same issue of Zhou Wu (we are using liferay 6.0.5) : facebook redirect and authorization seems to work fine, but when it redirects back to liferay, it's still unauthenticated. We've also noticed that the column USER_.facebookId is null.

What we tried was to:

- create an ext plugin - using liferay 6.0.5 SDK(attached) - including docroot/WEB-INF/ext-impl/src/com/liferay/portal/action/login/FacebookConnectActi­on.java , copied from the 6.0.5 SVN tag, applying the patches mentioned by Ravikant Kumar

- alter USER_ table, modifying column emailAddress from varchar(50) to varchar(255), as suggested by Ravikant Kumar

- Add some logs statements to see if liferay is picking up our version or not.

Logs statements are logged, but still does not work; no errors, no warnings, no exceptions.

Any idea? Thanks.
Posted on 2/23/11 3:10 AM in reply to Ravikant Kumar.
Wilson Man
thank you all for reporting this issue to me and for giving me such detail. I'm in the process of getting the latest from the 6.0.x branch to see if the issue is there. I'm hoping to report back no later than the end of this week, hopefully sooner.
Posted on 2/23/11 7:33 AM in reply to Adolfo Enrique Benedetti.
Gabriel Leon Leyva
in rev 73726 facebook option doesnt work.
Posted on 2/23/11 7:42 AM in reply to Wilson Man.
Wilson Man
hi All, I've gotten a chance this morning to test with 6.0.5 and no bug was found. I was able to import my facebook account (and also SSO) into a clean Liferay portal 6.0.5 CE.

I've added a few additional notes to my instruction above. For those of you having issues with redirect, make sure your domains are set correctly. On Facebook's side, make sure the Site URL field has the proper port, etc.

As for facebook accounts that are not verified, it's simple to verify your account. If you do not want to for whatever reason, you can follow the steps outlined in the comments above to override the verification code on liferay side.

Otherwise, Facebook SSO is working fine in 6.0.5 CE. thank you all.
Posted on 2/23/11 10:31 AM in reply to Gabriel Leon Leyva.
Abhay Doshi
Hey Wilson ! Well the issue remains persistent. Here's the scenario:

My Facebook redirect URL setting :
http://portal.xxxxxx.com/c/login/facebook_connect_oauth

Liferay Main configuration:
Virtual host : portal.xxxxxx.com
Default landing page : /web/group/announcements

If I log a user in without using Facebook SSO, it correctly redirects him to portal.xxxxxx.com/web/group/announcements post authentication.

Whereas, If I login the user using Facebook, the user is sent to portal.xxxxxx.com/home and not the page that I have set as the default landing page.

Do you know why that might be happening and what can I do to ensure that even FB authenticated users go to the same landing page ?

Thanks.
Posted on 2/24/11 11:35 PM in reply to Wilson Man.
Vaclav Balak
Hi, thanks for this feature!
Is it possible to get accessToken in portlet?
Posted on 3/1/11 8:58 AM.
Wilson Man
hi Abhay, thanks for your feedback. With regards to the post authentication redirect, the Facebook SSO implementation terminates at the auto-login phase within the whole login process. The rest is governed by Liferay's auto-login mechanism. So while there isn't anything the FB SSO feature can add to help with this redirection issue you're having, you may have better luck looking into the auto-login implementation to find the answer.
Posted on 3/1/11 3:42 PM in reply to Abhay Doshi.
Wilson Man
hi Vaclav, the access token is stored as a HttpSession attribute. You can retrieve it from the HttpSession using this constant: WebKeys.FACEBOOK_ACCESS_TOKEN
Posted on 3/1/11 3:43 PM in reply to Vaclav Balak.
Vaclav Balak
Hi Wilson, thanks for your reply. I'm trying to get accessToken from session, but without success :-(. What I did and try so far:

1) In liferay-portlet.xml I have private-session-attributes set to true for my portlet
2) In portal-ext.properties I have session.shared.attributes=FACEBOOK_
3) In my controller I tried:

HttpServletRequest request = PortalUtil.getHttpServletRequest(portletRequest);
request = PortalUtil.getOriginalServletRequest(request);
HttpSession session = request.getSession();
String token = (String) session.getAttribute(WebKeys.FACEBOOK_ACCESS_TOKEN);

and

PortletSession session= portletRequest.getPortletSession();
String token = (String) session.getAttribute(WebKeys.FACEBOOK_ACCESS_TOKEN, PortletSession.APPLICATION_SCOPE);

In both cases is returned token null.

Am I missing something?
Many thanks in advance!
Posted on 3/2/11 6:03 AM in reply to Wilson Man.
Wilson Man
Hi Vaclav,

I think you need to add this to your portlet-ext.properties:
#
# Set a comma delimited list of attribute names that will be copied to the
# new session when the property "session.enable.phishing.protection" is set
# to true.
#
session.phishing.protected.attributes=HTTPS_INITIAL,LAST_PATH,FACEBOOK_ACCESS_TO­KEN

The reason for that additional attribute is that chances are, your session.enable.phishing.protection property is defaulted to true. This means that right after login, the user gets a new session object. Adding the FACEBOOK_ACCESS_TOKEN to the property above would cause that attribute to be copied over to the new session.
Posted on 3/2/11 8:53 AM in reply to Vaclav Balak.
Vaclav Balak
Hi Wilson, thanks for reply again.
I tried to add session.phishing.protected.attributes, but there is still no FACEBOOK_ACCESS_TOKEN in token :-(.
I also looked into AttributeNames enumerations inside sessions:
- HttpSession AttributeNames is empty
- AttributeNames in PortletSession (ApplicationScope) are: LIFERAY_SHARED_AUTHENTICATION_TOKEN, USER_ID, LIFERAY_SHARED_VISITED_GROUP_ID_RECENT, org.apache.struts.action.LOCALE, LIFERAY_SHARED_VISITED_GROUP_ID_PREVIOUS
- AttributeNames in PortletSession (PortletScope) is empty
Posted on 3/3/11 1:58 AM in reply to Wilson Man.
Wilson Man
hi Vaclav, i haven't gotten a chance to look into that yet. one last thing i would say to check is the portal properties listed in control panel. see if you see the added attribute key there.
Posted on 3/7/11 10:15 AM in reply to Vaclav Balak.
Andreas Kang
try

String token = (String)session.getAttribute("FACEBOOK_ACCESS_TOKEN");

in jsp and then send it to your action in a hidden field or something.

I had the same problem as you and it worked by doing that.
Posted on 3/9/11 5:12 AM in reply to Vaclav Balak.
Vaclav Balak
hi Wilson, in the portal properties in control panel are all defined attributes: session.phishing.protected.attributes HTTPS_INITIAL,LAST_PATH,FACEBOOK_ACCESS_TOKEN and also
session.shared.attributes FACEBOOK_ACCESS_TOKEN
Posted on 3/11/11 6:44 AM in reply to Wilson Man.
Vaclav Balak
Thanks for tip Andreas, but it's still null :-(. cant be there some problem with listeners? I have both RequestContextListener and ContextLoaderListener defined.
Posted on 3/11/11 6:59 AM in reply to Andreas Kang.
Wilson Man
hi Vaclav, got a chance to look into this issue over the weekend, and found that the code that transfers session attributes from old session to new during the login process isn't called when login through the AutoLogin hook/process. I plan to inquire about this internally.

In the meantime, if you have more questions, can you start a Message Board thread on this topic? I would rather discuss this there since the MB is more geared towards deeper discussions like this one.

again, thanks for bringing this to my attention!
Posted on 3/14/11 10:09 AM in reply to Vaclav Balak.
Wilson Man
Vaclav, i've gotten a chance to investigate a bit more and we've deemed this to be a bug in the auto-login process. I've gone ahead and created a ticket for it.

http://issues.liferay.com/browse/LPS-15895
thanks again!
Posted on 3/16/11 10:50 PM in reply to Vaclav Balak.
Vaclav Balak
I thank you for dealing with that, i'll be watching that ticket and looking forward for solution. Have a nice day!
Posted on 3/17/11 9:24 AM in reply to Wilson Man.
Adam Eri
Hello,
I am having the same problem as some other above. Facebook connect works, but user is not logged in after redirecting to the site. Any findings on that one?
Posted on 8/2/11 1:06 PM.
Wilson Man
hey Adam, the bug has been resolved in trunk and also in our 6 EE version. This bug exists in 6.0.6 CE, is that what you are using?
Posted on 8/3/11 8:29 PM in reply to Adam Eri.
Lina Margarita Holguin
Hi Wilson, actually i have Liferay 6.0.6 and i using authentication with Facebook but don't work. How get the solution in the trunk? I don't know what is the trunk.

Please Help me. Thank you!
Posted on 10/14/11 1:38 PM in reply to Wilson Man.
Lina Margarita Holguin
Hi Wilson again. I entered in your profile and went to the trunk. I entered in the revision 57489: " added text/verbiage to ask user whether they want to add user imported from fb. also....." and downloaded "FacebookConnectAction.java", "FacebookConnectUtil.java" and "FacebookAutoLogin.java" is correct that? or is other thing
Posted on 10/14/11 2:54 PM in reply to Lina Margarita Holguin.
Jossimar de Leon
Hi Wilson good works. I have the same problem, i have liferay 6.0.6 CE with Facebook authentication. The authentication works fine, but the login into liferay don't works. When the user add your facebook account to liferay, this return to the login page. Can you help me?
Posted on 10/15/11 9:23 AM in reply to Lina Margarita Holguin.
Lina Margarita Holguin
Hi to all, what is the revision in the trunk that have te solution. Please can you help me?
Posted on 10/17/11 1:54 PM in reply to Jossimar de Leon.
Wilson Man
hey Lina and Jossimar, I don't have the revision information for you since the section of code that introduced this issue is outside of the FB integration. However, here are some of the options for you:

1. search issues.liferay.com for bug fixed related to SSO since 6.0.6 CE.
2. use the 6.0.5 CE version since that was the last working version (provided that the 6.0.6 enhancements are not as important as FB SSO)
3. download 6.1 CE Beta instead since 6.1 is close to GA.
Posted on 10/17/11 2:20 PM in reply to Lina Margarita Holguin.
Lina Margarita Holguin
Thanks Wilson Man, in this moment i'm downloading 6.1.0 B3. for make the test with the Facebook authentication.

is this version close to GA near?

Thanks
Posted on 10/17/11 6:22 PM in reply to Wilson Man.
Lina Margarita Holguin
Hi Wilson i downloaded liferay 6.1 beta3 version unfortunately the Facebook Authentication does not work again. The user allowed the facebook app but not login into liferay. In the database the insert is correct but no login emoticon emoticon emoticon
Posted on 10/17/11 9:36 PM in reply to Lina Margarita Holguin.
Wilson Man
hi Lina, I've created this ticket that captures the issue you're seeing: http://issues.liferay.com/browse/LPS-22254

I've assigned it to our internal team and they will look into it. You can follow the progress of this ticket by adding yourself to the watch list. thanks for bringing this to our attention!
Posted on 10/18/11 12:13 PM in reply to Lina Margarita Holguin.
Cristian Chaparro
Hey Wilson i have the question i need get the Facebook Access Token (this is not problem), but i get the access token, i need the CODE from facebook, how i obtain this code into portlet?

I created my App into Facebook and look the facebook developers, but i dont know get the code from URL into portlet.

Thanks
Posted on 10/18/11 12:30 PM in reply to Wilson Man.
Wilson Man
hi Cristian, if you're trying to get a URL parameter in your portlet, you can get those answers in our community forums.

you can start with this thread: http://www.liferay.com/community/forums/-/message_boards/message/7589805

hope that helps
Posted on 10/19/11 10:55 PM in reply to Cristian Chaparro.
Lina Margarita Holguin
How i fix the bug in Facebook SSO ?? emoticon
Posted on 11/8/11 12:03 PM in reply to Wilson Man.
Carlos Sierra Andrés
Hi Lina,

if you are still facing this issue try wiping out all the cookies from your browser. I just found out that when you mix password authentication with facebook SSO the latter fails once you have authenticated via password.

Wiping the cookies out allows you to log in using Facebook until you log in using username/password again (at least it has happened a couple of times to me).

If this is some known bug I would like someone to point to the proper issue so I can track it.

Hope this helps.
Posted on 12/20/11 8:33 AM.
Carlos Sierra Andrés
I have having the same problem as Lina. I have narrowed it down to be a cookie problem. In my case it happens when I authenticate using username/password with the administrator user. If I authenticate using username/password with the liferay credentials created for the incoming facebook user everything works flawlessly.
Nevertheless, once I authenticate using the user/pass credentials of the instance administrator, I can never authenticate using facebook again until I clean the cookies for that virtualhost in my browser.
I haven't been able to reproduce this on my test environment but, and this is weird, when I get my "toxic" cookie in my production environment and try to authenticate on my testing environment (of course resolving the same host now in my test environment) I can't authenticate until I clean the cookies again. So what I am not being able to reproduce is creating the cookie in my testing environment.
I will try to dig a bit more into this to see if I am able to narrow it down more. If any other find this same problem please share.
Posted on 12/21/11 3:23 AM.
Lina Margarita Holguin
Yes Carlos Sierra Andrés, are problems with the cookies only with the user administrator
Posted on 2/25/12 10:38 AM in reply to Carlos Sierra Andrés.
[...] Hello, I've configured a facebook account and then i configured my local portal as described here: http://www.liferay.com/web/wilson.man/blog/-/blogs/5594111 , but when i try to authenticate using... [...] Read More
Posted on 4/6/12 11:38 AM.
[...] Hi, It is not as straightforward as just enabling a checkbox. Please check this link for configuring it properly Regards, Sandeep Flag Please sign in to flag this as inappropriate. Mark as an Answer [...] Read More
Posted on 5/2/12 8:36 AM.
Praveen P
I am not getting that facebook setting page, i have account but not getting similar page for configuratuion
Posted on 6/20/12 11:51 PM in reply to .
Sandro Rizzuto
Hi Wilson!

I'm using this portlet with Liferay 6.1.1 CE GA2 and it doesn't work when has to redirect to my portal home page...it stops to a blank page and into the console a strange error appears: 40: 53: missing ; before statement

Can help me? Have you any idea about it?

Thanks
Posted on 3/1/13 8:15 AM.