I want to disable hybris in-build soft login functionality.I have restarted the hybris server still able to see the customer as logged customer.
I tried with changging the some tomacat server properties like context.xml
<Manager pathname="" />
Still its not working.
Hybris in-build soft login functionality or remember-me tag functionality can be disabled using two ways, the first that I suggest :
First : Remove the remember-me configuration from spring security file spring-security.xml :
<security:remember-me key="myKey" token-validity-seconds="864000" />
Seconde : Remove the input checkbox from jsp (not recommended)
<input id="j_remember" name="_spring_security_remember_me" type="checkbox">
Hybris Soft login is a feature of spring security.A soft logged in user can browse the application, but pages like account page and checkout pages are secured by hard login. To access these pages, he has to provide password again.
Comment the security:remember-me tag in the spring-security.xml file
<!-- <security:remember-me key="hybrisshopstorefront" services-ref="rememberMeServices"/> -->
Thanks.
Related
Once the Liferay Start Up page is displayed , there is a Sign-in Hyperlink , and once we click on that Sign-in Hyperlink it will take us to the Page where it will display the actual Login page.
What is the name of that JSP page (The Actual page with Email, Password and the Submit Button)?
I am using Liferay 6.1.
If you are thinking of modifying any JSP which is already there in liferay, consider modifying using hooks so that you dont have to restart liferay server since hooks are hot-deployable and easy to manage.
To learn more about hooks follow this link. http://www.liferay.com/documentation/liferay-portal/6.1/development/-/ai/hoo-4
The login link call login portlet. But you can change default login page, add to portal-ext.properties auth.login.url=mypageurl.
If what you want to do in your new login page is to add new fields then using Liferay custom fields will be the way go. You can define custom fields for User and make them editable and then add the into the login.jsp file using this tag
<div class="exp-ctrl-holder">
<liferay-ui:custom-attribute
className="<%=User.class.getName()%>"
classPK="<%=0%>"
editable="<%=true%>"
label="<%=true%>"
name="FieldName" />
</div>
This edit should be done using a hook
or
if you want to add additional logic to the login action then using the Liferay Extension environment is the best solution.
I am using Liferay 6 for development .
I have developed a Custom Login Portlet using Struts2 .
I am able to display my Custom Login page , On click of the Submit Button after validating the credentials aganist our MYSQL Databse , please tell me how can i display my 4 other Custom Portlets on entering valid credentials ??
please guide me what is the concept i should refer for this in liferay
( I am using Liferay 6 for development )
Okay, the way I would suggest you do this is by:
adding the 4 other portlets to your Custom Login page (or add a redirect on successful login, and them to the page you redirect to)
Set the permissions of your Custom Portlets to be viewable by only authenticated users. This can be done by removing Guest "View" permissions. This way a non-authenticated user or "Guest" won't see your portlets when the go to the page.
Does this answer your question?
~~ EDIT IN RESPONSE TO COMMENT ~~
Okay, so if you're using Struts, instead of redirecting to a JSP file, you want to redirect to a URL instead. So instead of /view/result.jsp it should be something like http://yoursite.com/page_with_4_portlets_on_it or just a relative URL /page_with_4_portlets_on_it (if the two pages are on the same Navigation level.
HOWEVER:
If you're new to Liferay then I would strongly suggest you use Liferay's inbuilt Portlet architecture using their MVCPortlet class. This will handle all the mappings, and workings that you have to manually write for using Struts. Then you can implement a doPost() method and do a ActionResponse.sendRedirect("/page_with_4_portlets_on_it");
Then this means that when your form action completes Liferay will redirect the user to the page you've specified.
The best place to get started with Liferay 6 portlets, the Liferay way is here.
I have modified the static page of the Liferay Page by using portal-ext.properties inside
D:\Liferay\Liferay Tomcat\liferay-portal-6.1.0-ce-b4\tomcat-7.0.22\webapps\ROOT\WEB-INF\classes
**portal-ext.properties
auth.login.community.url=/Test.jsp**
This Particular Test.jsp is kept under path
D:\Liferay\Liferay Tomcat\liferay-portal-6.1.0-ce-b4\tomcat-7.0.22\webapps\ROOT
This is my Test.jsp page
<form method="POST" action="/MyActionclass">
Enter your name:</font><input type="text" name="username" size="20"></p>
Enter your password:</font><input type="text" name="password" size="20"></p>
</form>
This works fine, custom page is loaded.
Please tell me, where to configure this MyActionclass so that it will receive the data submitted from the JSP?
My requirement is that, once the username and password are validated inside the MyActionclass (Hardocded as per now), I will display my portlets developed.
I would suggest that you create a custom Portlet using the Liferay 6 Plugins-SDK for your solution. Then you can just use the standard Portlet architecture to handle the authentication etc.
Equally you can just use Liferay's login portlet to authenticate users.
Either way you'll need to set permissions on the portlets you want to display after successful login to not have Guest "View" permissions, and make sure that the Role assigned to Logged in users has "View" permissions. This will hide them from any non Liferay authenticated user.
If you look at the Wiki post about Liferay Plugins-SDK you can get started with creating your own portlet (if you haven't done so already).
Hope this helps!
I've got a theme which has a login portlet embedded in the header and I dont wish for validation messages to appear on this login portlet, instead I want Liferay to redirect to the maximized version of the login portlet with the validation errors.
Is there any easy way to do this through the Velocity template files?
The best workaround I can come up with is to hardcode a HTML form which posts to the login struts action which seems to show validation errors on a maximized loging portlet
Thank you
I don't believe Liferay 6.0 has the capability to overwrite portlet code using a VM. It is, however, a new feature in the upcoming 6.1 release.
But if you're tied into Liferay 6.0, you may create a hook plugin to tackle this problem.
Create a hook plugin.
In your hook.xml define:
<hook>
<custom-jsp-dir>/META-INF/custom_jsps</custom-jsp-dir>
</hook>
In copy the original login.jsp from Liferay Portal to /META-INF/custom_jsps/html/portlet/login.jsp.
You'll want to modify the form action's URL to have window state maximized. You can do so by adding the windowState attribute to the tag lib that generates the URL. For Example:
<portlet:actionURL windowState="<%= LiferayWindowState.MAXIMIZED.toString() %>" />
After deploying this hook plugin, the logins should go to a maximized state unless redirected by a successful login.
In a Sharepoint web page I am having a problem identifying the logged in user!
The Masterpage contains a normal ootb control that displays the username
<%# Register TagPrefix="wssuc" TagName="Welcome" Src="~/_controltemplates/Welcome.ascx" %>
.....
.....
<wssuc:Welcome id="explitLogout" runat="server" />
This always displayed the correct logged on user.
However if I call
HttpContext.Current.User.Identity.Name
from within a webpart then In 1 or 2 % of cases I will get the incorrect name returned.
This gives me a page that will have the correct username at the top, and the incorrect one in the webpart. Other methods of getting the name in the webpart return the same incorrect name. If the name checker webpart is on the same page multiple times then very rarely the second copy of the webpart will have the correct name or a third incorrect identity!
The identities are stored in Active Directory, and the users authenticate against and ISA server, users are not on the same domain as the SharePoint infrastructure. The sharepoint farm is rather complex with the ISA servers, four web front ends, an apps server and finally a database server.
Has anyone had this happen before? or have any clue as to the direction I should take to investigate the problem!
The servers are running IIS6 on server 2003. Sharepoint is at SP2 but without the latest bunch of patches.
Additional:
Output Cache is enabled. Authenticated Cache Profile is "Intranet"
The settings for that profile are as follows
Title Intranet (Collaboration Site)
Display Name (BLANK)
Display Description Optimized for collaboration sites where authoring, web part cusomization, and minor version are enabled.
Perform ACL Check Yes
Enabled Yes
Duration 180
Check for Changes Yes
Vary by Custom Parameter (BLANK)
Vary by HTTP Header Browser
Vary by Query String Parameters (BLANK)
Vary by User Rights Yes
Cacheability ServerAndPrivate
Safe for Authenticated Use Yes
Allow writers to view cached content (BLANK)
SharePoint runs under the application pool account. You need to use
SPContext.Current.Web.CurrentUser.LoginName
to get the current user.
This was a while ago and I am sorry for not reporting back our solution... and now I don't remember clearly what it was! Something to do with Donut Caching that we had misunderstood.
http://blogs.catapultsystems.com/tlingenfelder/archive/2011/03/24/sharepoint-caching-techniques.aspx