specific community available only with a smart card

掲示板

13年前に Stephen Theriault によって更新されました。

specific community available only with a smart card

New Member 投稿: 18 参加年月日: 10/06/24 最新の投稿

Hello

is there a way to access a community based on how a user logs in? aka smart card

what I'm trying to say is my project is using Single-sign on(OpenSSO) with liferay and also using a smart card log in with SSO.

for us a user who logs in to the system using a smart card will be able to access a specific community

we are sending a cookie when its a smart card log in and I'm seeing if that cookie is present and allow that user to access a community, no card no access.

any suggestion will help

thanks

13年前に Imtiaz Ahmed によって更新されました。

RE: specific community available only with a smart card

Junior Member 投稿: 57 参加年月日: 08/01/02 最新の投稿

You can create a group with rights to that community and assign users to that group when they login using the AutoLogin filter. This way only users loggin in with smart card will have access to the community you're specifying. For pointers, look for OpenSSOAutoLoginFilter. You can extend and provide your own functionality for the filter and specify your filter in place of the default in portal-ext.properties file.

I hope this helps.

Thanks,
Imtiaz

13年前に James McGovern によって更新されました。

RE: specific community available only with a smart card

Junior Member 投稿: 68 参加年月日: 10/06/13 最新の投稿

I think I am reading something slightly different. While you can authenticate using different methods, Liferay should keep around the method used to authenticate as a session variable. This can be especially useful if you are doing something like federated identity where you may use this variable to drive global signout, etc.

I recommend that you submit this as an enhancement request.

13年前に Stephen Theriault によって更新されました。

RE: specific community available only with a smart card

New Member 投稿: 18 参加年月日: 10/06/24 最新の投稿

where can i found this OpenSSOAutoLoginFilter?

13年前に Imtiaz Ahmed によって更新されました。

RE: specific community available only with a smart card

Junior Member 投稿: 57 参加年月日: 08/01/02 最新の投稿

in portal-ext.properties you can set the auto login hook as:

auto.login.hooks = com.liferay.portal.security.auth.OpenSSOAutoLogin,com.liferay.portal.security.auth.CASAutoLogin,com.liferay.portal.security.auth.NtlmAutoLogin,com.liferay.portal.security.auth.OpenIdAutoLogin,com.liferay.portal.security.auth.RememberMeAutoLogin

replace OpenSSOAutoLogin with your own implementation. Or you can do what Archi has suggested. That also seems like a viable option. In any case, you'll have to add the user to the group I mentioned in my previous post. Because if you simply redirect the user to that community, that community should be accessible to all the users regardless of their login method.

13年前に Archi Madhu によって更新されました。

RE: specific community available only with a smart card

Regular Member 投稿: 237 参加年月日: 08/03/25 最新の投稿

Hi Stephen,

I think you can implemented a custom LoginPostAction in that you can check for cookies ..

if cookies are set for smart card -- redirect to spcific community..
else redirect to normal community..

HTH!
Archi