Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
Chandima Jayawickrema
Liferay 6.1 - Authentication using AD Username instead of Email address
April 8, 2013 1:31 AM
Answer

Chandima Jayawickrema

Rank: New Member

Posts: 7

Join Date: April 8, 2013

Recent Posts

Hi Everyone,

Does Liferay support authentication through Active Directory Standard ID/ Username instead of using Email address of a User? The default behavior of Liferay is to request user email and password where we need it to be asking for the AD username + password and Liferay should be able to authenticate the user and keep the username and email(optional) in its database.
If this is not even possible, can Liferay at least be configured/modified to do the authentication in its default way(using email) and store the AD username in its User_ table?

The reason behind this requirement is that, we are planning to keep Liferay as the centralized user-base where multiple client applications will get authenticated and authorized. These client applications can only transmit the username of the AD user, and some server logic will check with Liferay DB whether this username is authorized or not. To do this properly, Liferay must have the AD username in its user_ table but unfortunately it is not available as of now. Even a string manipulation logic doesn't work as the AD username is not even related to the email address.
e.g. username = X12345, email = abcde@company.com



Highly appreciate your support.
Amit Doshi
RE: Liferay 6.1 - Authentication using AD Username instead of Email address
April 8, 2013 4:13 AM
Answer

Amit Doshi

Rank: Liferay Master

Posts: 549

Join Date: December 29, 2010

Recent Posts

Hi Chandima,

You can make the liferay authentication by Screen name and then you can link the AD username with the liferay Screenname.

Thanks & Regards,
Amit Doshi
Vilmos Papp
RE: Liferay 6.1 - Authentication using AD Username instead of Email address
April 8, 2013 6:19 AM
Answer

Vilmos Papp

LIFERAY STAFF

Rank: Liferay Master

Posts: 521

Join Date: October 21, 2010

Recent Posts

You have at least two options for this:

1.) Go to Control Panel > Portal Settings > Authentication and select "By Screen Name" from the combobox and save your settings
2.) Add this line to your portal-ext.properties file: company.security.auth.type=screenName

Note, that if you already changed it on UI, the UI settings will have precedence over the properties file's setting.
Pradeep Sharma
RE: Liferay 6.1 - Authentication using AD Username instead of Email address
April 8, 2013 8:22 AM
Answer

Pradeep Sharma

Rank: Junior Member

Posts: 49

Join Date: September 6, 2011

Recent Posts

Hi Chandima,

Are you sure that your Liferay portal is properly hooked up with AD, If yes follow the below instruction provided and also make sure you turn off the change password option otherwise it will prompt to change of password. Hope you are done now with your issue.

Enjoy !!!
Chandima Jayawickrema
RE: Liferay 6.1 - Authentication using AD Username instead of Email address
April 10, 2013 3:53 AM
Answer

Chandima Jayawickrema

Rank: New Member

Posts: 7

Join Date: April 8, 2013

Recent Posts

Thanks Vilmos and everyone else for your quick replies.

Before trying out i would like to clarify few more things coz we have some DB restrictions.

As of now the screenName in User_ table seems to have usernames associated with a number.
e.g. username.1, username.2
This is why I thought username based authentication would not work with liferay.

Is there anyway I can recover the actual screenNames (without those numbers at the end) after I switched to Screen Name authentication? Or will liferay do this automatically? I am afraid whether we would lose all the user entries coz of this.

Appreciate your feedback.
Vilmos Papp
RE: Liferay 6.1 - Authentication using AD Username instead of Email address
April 18, 2013 1:11 AM
Answer

Vilmos Papp

LIFERAY STAFF

Rank: Liferay Master

Posts: 521

Join Date: October 21, 2010

Recent Posts

Hi,

I'm not sure, you should check the LDAP Import parts of the code to see what happens. I guess we update some data, but I used it a few years earlier so currently I cannot tell it exactly. If I have some time, I'll check it and give feedback about it, but I'm not sure when will have some time to check it.
Chandima Jayawickrema
RE: Liferay 6.1 - Authentication using AD Username instead of Email address
April 22, 2013 10:36 PM
Answer

Chandima Jayawickrema

Rank: New Member

Posts: 7

Join Date: April 8, 2013

Recent Posts

Thanks Vilmos, will check it out. Really appreciate your support