组合视图 统一视图 树状图
讨论主题 [ 上一个 | 下一个 ]
toggle
surmsak mahit
How to implement custom authentication w/o having such user in the system?
2013年6月25日 上午4:31
答复

surmsak mahit

等级: New Member

帖子: 2

加入日期: 2013年6月25日

最近的帖子

Hi all,

I have a case on the login module on that, liferay will have to validate user,password retrieved from LDAP. There are some constraints that I couldn't just commonly integrate Liferay with LDAP via the built-in Liferay's LDAP configuration. The problem is the requirement that Liferay shall contains no users in database (to avoid duplication). It has to fetch user/password from LDAP via 3rd party's webservice, and bypass authentication and mapping roles/privilege (which are already created in liferay) to such user at runtime. Is this possible?

After done some researching, I found that I have to create a class that implements Authenticator interface, and also configure some configuration options to create a custom authentication mechanism (ex. modify auth.pipeline.pre=my.custom.class.name and set auth.pipeline.enable.liferay.check=false).

So I tried following all the steps above but couldn't make it work.

Is there a way to authenticate and log on user programmatically without user/password created in the Liferay database? (For ex. retrieve user's info from LDAP and put into the running thread)

However, I have roles and groups pre-created in the system and will be mapped to the user retrieved from LDAP on runtime.

Any idea?

Thank you in advance
David H Nebinger
RE: How to implement custom authentication w/o having such user in the syst
2013年6月25日 上午6:08
答复

David H Nebinger

Community Moderator

等级: Liferay Legend

帖子: 11295

加入日期: 2006年9月1日

最近的帖子

How many times do I need to say this?

It is simply not possible. The record must be in the User_ table in order to satisfy the logical foreign keys in the other tables.

It is not possible, under any circumstances, to have a user authenticate and use the portal that is not in the User_ table.

Period.
surmsak mahit
RE: How to implement custom authentication w/o having such user in the syst
2013年6月25日 上午11:14
答复

surmsak mahit

等级: New Member

帖子: 2

加入日期: 2013年6月25日

最近的帖子

I'm so new to this.
So I have to create user whatsoever after retrieving user's info.

Thanks for your kind answering this emoticon
David H Nebinger
RE: How to implement custom authentication w/o having such user in the syst
2013年6月25日 下午12:12
答复

David H Nebinger

Community Moderator

等级: Liferay Legend

帖子: 11295

加入日期: 2006年9月1日

最近的帖子

Sorry, Surmsak, I shouldn't have been so short.

As a recommendation, many questions that you're going to be asking have been covered in the forums before, especially this one that was covered recently. A quick google search prior to posting is typically a good idea...
Jack Bakker
RE: How to implement custom authentication w/o having such user in the syst
2013年6月25日 下午12:21
答复

Jack Bakker

等级: Liferay Master

帖子: 840

加入日期: 2010年1月3日

最近的帖子

Is there a way to authenticate and log on user programmatically without user/password created in the Liferay database? (For ex. retrieve user's info from LDAP and put into the running thread)

for Liferay to know about user and associations with resources in Liferay: liferay db user_ record for the user needs to be there