掲示板
specific community available only with a smart card
13年前 に Stephen Theriault によって更新されました。
specific community available only with a smart card
New Member 投稿: 18 参加年月日: 10/06/24 最新の投稿
Hello
is there a way to access a community based on how a user logs in? aka smart card
what I'm trying to say is my project is using Single-sign on(OpenSSO) with liferay and also using a smart card log in with SSO.
for us a user who logs in to the system using a smart card will be able to access a specific community
we are sending a cookie when its a smart card log in and I'm seeing if that cookie is present and allow that user to access a community, no card no access.
any suggestion will help
thanks
is there a way to access a community based on how a user logs in? aka smart card
what I'm trying to say is my project is using Single-sign on(OpenSSO) with liferay and also using a smart card log in with SSO.
for us a user who logs in to the system using a smart card will be able to access a specific community
we are sending a cookie when its a smart card log in and I'm seeing if that cookie is present and allow that user to access a community, no card no access.
any suggestion will help
thanks
13年前 に Imtiaz Ahmed によって更新されました。
RE: specific community available only with a smart card
Junior Member 投稿: 57 参加年月日: 08/01/02 最新の投稿
You can create a group with rights to that community and assign users to that group when they login using the AutoLogin filter. This way only users loggin in with smart card will have access to the community you're specifying. For pointers, look for OpenSSOAutoLoginFilter. You can extend and provide your own functionality for the filter and specify your filter in place of the default in portal-ext.properties file.
I hope this helps.
Thanks,
Imtiaz
I hope this helps.
Thanks,
Imtiaz
13年前 に James McGovern によって更新されました。
RE: specific community available only with a smart card
Junior Member 投稿: 68 参加年月日: 10/06/13 最新の投稿
I think I am reading something slightly different. While you can authenticate using different methods, Liferay should keep around the method used to authenticate as a session variable. This can be especially useful if you are doing something like federated identity where you may use this variable to drive global signout, etc.
I recommend that you submit this as an enhancement request.
I recommend that you submit this as an enhancement request.
13年前 に Stephen Theriault によって更新されました。
RE: specific community available only with a smart card
New Member 投稿: 18 参加年月日: 10/06/24 最新の投稿
where can i found this OpenSSOAutoLoginFilter?
13年前 に Imtiaz Ahmed によって更新されました。
RE: specific community available only with a smart card
Junior Member 投稿: 57 参加年月日: 08/01/02 最新の投稿
in portal-ext.properties you can set the auto login hook as:
replace OpenSSOAutoLogin with your own implementation. Or you can do what Archi has suggested. That also seems like a viable option. In any case, you'll have to add the user to the group I mentioned in my previous post. Because if you simply redirect the user to that community, that community should be accessible to all the users regardless of their login method.
auto.login.hooks = com.liferay.portal.security.auth.OpenSSOAutoLogin,com.liferay.portal.security.auth.CASAutoLogin,com.liferay.portal.security.auth.NtlmAutoLogin,com.liferay.portal.security.auth.OpenIdAutoLogin,com.liferay.portal.security.auth.RememberMeAutoLogin
replace OpenSSOAutoLogin with your own implementation. Or you can do what Archi has suggested. That also seems like a viable option. In any case, you'll have to add the user to the group I mentioned in my previous post. Because if you simply redirect the user to that community, that community should be accessible to all the users regardless of their login method.
13年前 に Archi Madhu によって更新されました。
RE: specific community available only with a smart card
Regular Member 投稿: 237 参加年月日: 08/03/25 最新の投稿
Hi Stephen,
I think you can implemented a custom LoginPostAction in that you can check for cookies ..
if cookies are set for smart card -- redirect to spcific community..
else redirect to normal community..
HTH!
Archi
I think you can implemented a custom LoginPostAction in that you can check for cookies ..
if cookies are set for smart card -- redirect to spcific community..
else redirect to normal community..
HTH!
Archi