I am using Liferay CE 6.2 for my application. My application is a relying party and we want to do openId connect relying party implementation in Liferay. Can someone please guide me on this?
liferay 6.2 does not support that out of the box ... while being at liferay Devcon this week (4.11.2017 /6.11.2017) I have heard that it will be a feature in 7.1...
so every start with 6.2, is implementing it by yourself, which starts with the question which app server are you going to use and which is the issuing party of your jwt tokens ?
Related
I am a new Domino XPages developer. Does anyone know of a Two Factor Authentication solution for Xpages.
You don't authenticate with an application on Domino. (That's true whether it's built with XPages or not.) You authenticate with the server. IBM does not support two factor authentication for Domino, but a simple google of "lotus domino two factor authentication" will bring up results that include a few vendors of 3rd party solutions that work with Domino. You will, however, have to approach this as a systems admin issue, not a development problem, so if you have any follow-ups they will belong on ServerFault instead of StackOverflow.
Look at https://www.duosecurity.com/product/applications/api which you could use after user successfully authenticates against Domino server.
I'm trying to use the following guide to authenticate my (java) app to an internally hosted Sharepoint 2013 site: https://msdn.microsoft.com/en-us/library/jj687470.aspx
I've already registered the app and have the client ID and secret. Unfortunately, this method relies heavily on TokenHelper.cs (or .vb), but I'm unable to find a java equivalent that either Microsoft or a 3rd party developer has written.
Any help pointing me in the right direction would be appreciated!
Use the Active Directory Authentication Library. Instructions and libraries are available here.
Personally I have used the Android library, and I can say that it works like a charm.
I'm looking to learn more about web application security and user authentication as it applies in 2013 and beyond across technologies like PHP, Java + Spring, Python + Django/Flask, Ruby on Rails, and all modern application frameworks.
Anyone have any good suggestions?
I gleaned some from a popular security.stackexchange post but most of these are dated:
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
The Tangled Web by Michal Zalewski
Writing Secure Code v2 from MS Press
Any suggestions would be appreciated!
We have used spring security (Acegi Security) in various features like ( Database Authentication, LDAP Authentication, Web Authentication, Domain Authentication) in my project.
Please find the references.
http://www.springsource.org/spring-security
http://www.springsecuritybook.com/
http://static.springsource.org/spring-security/site/docs/3.2.x/reference/springsecurity-single.html
I came up with an idea to integrate Lync Server as a Java portlet to Liferay environment. What I would like to have is people names, photos, presence information and contact points on a portlet which communicates the data from Lync server.
(With contact point I mean those direct Voip or IM communications integrations that I suppose belong to the Lync concept.)
I don't know if there exist any ready integrations and if not, what material could be found about APIs and stuff like that so that I could probably code one of my own.
Thanks for interest and tips already beforehand!
I'm no Liferay expert, but i'm guessing Web Based Portal - right? If so, then yes, you can do what you need to.
Are you running the Lync client on the machines? if not, then you'll need to build some server infrastructure.
First step would be to download and install the UCMA 3.0 SDK.
At the back end, you would need to build a UCMA application that logs on to your Lync environment - the process of building and deploying is fairly lengthy, but described well here
You'd also need to build in a web service layer, so you can expose methods over the web, e.g. GetContacts, etc. The methods behind your web service would need to call into the UCMA app to fetch the required information.
Then you'd just need to build the necessary html and javascript to call the web services.
There is a codeplex project that does some of this - at the very least, it would be a great starting point
The whole thing is a lot easier if you are running Lync on the client, and if Silverlight is an option.
You'd need to download the Lync SDK. This contains a bunch of Silverlight controls that allow the user to e.g. see contact details, see a contacts availability, click to call etc. It would then just be a case of creating a Silverlight app using the controls, and then wrapping this inside a portlet.
Edit: George Durzi and Michael Greenlee's book is great for getting started with this, whichever route you go down.
I have worked with Websphere Portal 6.0,6.1 and developed portal applications usign JSR 168,JSR 286 Portlets.
Now I am moving to project where I will be working with Liferay portal server and JSR 168,JSR 286.
I know that as per programming interface (JSRs) It will be the same. But want to know what are the major difference at server level ( features,configuration,architecture, out-of-box services) when compared to Websphere Portal ?
Thanks
Liferay also supports JSR168 and JSR286 portlets, so in respect to that you can use the same API's as you are using in WebSphere Portal. The product itself cannot be easily compared to WPS as they both have different concepts. Liferay doesn't have a credential vault, for example, but it still supports SSO (NTLM or CAS). Your WebSphere Portal knowledge won't help you much in Liferay development, as it is a totally different product.
I agree the configuration will be different but I think it will help a lot the fact that you are prepared to think about the information architechture.
The main difference is that Liferay is not really that much prepared for escalability. It uses velocity so neither of the tags you use will help (Placeholders, component, element, etc).
It doesnt have that many portlets by default so you will have to develop a lot from the starter point.
Check this out for a really nice comparision (the slides are in spanish, and require the flash plug-in):
http://www.slideshare.net/mcimino/websphere-portal-vs-liferay-by-gartner-v10
Basically Liferay weaker points are in B2C and support. If you need to build a site that will rely heavily on personalization, you will have much work to do too.
Hope it helps