I am looking to have two factor authentication. That is after login, i want to show an intermediate page. Only after some action has been done on the second page, user is taken to the landing page.
I have logic for second factor authentication ready. Its basically a jsp with some action.
However I am not sure what is the right approach to insert this intermediate page.
I have seen terms of use page, wherein the flag is maintained in db and the code is there in actual implementation class. I dont want to use extension plugin to do this. So I ruled out that option.
Second way is to have a Service Pre Action hook and do the necessary check here. But when I place the code in here, it goes to infinite loop.
Any other way I can do this? Hook is my preference.
Second way is to have a Service Pre Action hook and do the necessary
check here. But when I place the code in here, it goes to infinite
loop.
Not sure why this would happen, may be you would need to add a check or a flag which would execute your code only if the second tier authentication fails else it should just normally run the ServicePreAction code.
Another way I can think of is to use a custom struts-action to show your JSP and do the desired action in the custom action class.
Hope this helps.
I have not checked how to achieve that, but my guess is that extending the login portlet in a hook is the best way.
you can store the redirection url, redirect to the intermediate page and then load the stored url.
Regards.
Related
I have some customized list forms.
I would like to navigate to the site home page/other URL on success of the form.
Is there any possible method to accomplish this?
EDIT: Currently when the form is closed, the user is taken to the concerned list.
Use the Launch function.
For example
Launch("https://www.stackoverflow.com")
You can also pass parameters. Read the full documenation here:
https://learn.microsoft.com/en-us/powerapps/maker/canvas-apps/functions/function-param
I made a simple workflow in Orchard 1.9.1 to notify when a dynamic forms is submitted.
I didn't set any prpoperty/data on the Start Activity so that it can capture all Dynamic Forms submission. However there seems an issue and the workflow is NOT being invoked.
I followed steps from here: http://docs.orchardproject.net/Documentation/Workflows
But this notify activity or may be even the start activity doesn't seem to be invoked/working . What More settings are required to get this workflow in action ?
Also, I have set the redirect URL in "Forms" element properties but the form isn't redirecting. What can be the issue here as well ?
I have not seen this problem with a workflow before. I assume there's nothing in the logs?
My first guess would be that it's your form that is not submitting properly, try to remove that redirect, also make sure there's isn't some validation error blocking it, if you placed recaptcha element remove it and try again.
Second guess which is not very likely is that you have somehow managed to hide notification zone, either with CSS or in layout view #Zone(Model.Messages)
I need to call the one method before action method calls in portlet controller.
So here I am using a hook like:
Create Hook
Create a class and extend Action.
Override run method write my own logic.
Create portal.properties file and added following line
servlet.service.events.pre=com.liferay.sample.hook.LoginAction
Pointing it fron liferay-hook.xml
Every thing was went fine but here the problem with this one is the created hook is executed each and every time page load but I want execute this hook is only when I click on the Action buttons(Action urls) in any portlet.
Can any help me out on it?
Thanks in Advance.
Naresh Kallamadi
The property you are using relates to service actions, which are invoked before or after every Action. From my experience service actions happens every time a page loads. This would explain the behavior you are seeing.
For more in-depth understanding, the article Overriding Events and working with preactions and postactions in EXT will help.
I think you may want to dig more into the portlet actions and phases to achieve what you may need. Please post back if you have more details (code example of what you have tried etc.) on the exact behavior in the portlet you need help with.
Hope this helps.
This is basically two question? First i was wonder how to change the page liferay redirects when a user tries to access a page that has Power User view permissions. Liferay by default points to localhost:web/guest/home where they have their login page. On my application i have a different login in page and i want to redirect to the following page. I was browsing the web and found out that by setting auth.login.site.url=/whereiwontittopoint should actualy redirect me there. However it does not. I'm using Liferay 6.0.6 Community Editions. Has anyone done this? Is this the right way or this need to be done with a hook?
My other question is the following. I want to have a custom role on some pages. And i want when a user does not have that specfic role to be redirect to a totaly different page not the default login. I'm fairly sure this can be done by using the hook on some service but for some reason i can not identify this service.
EDIT
Ok for the first question i solved the issues. For the second question the answers i got here were not what i was looking for probably because i didn't post the question correctly. This is a full scenario of what i have done and what i need to do:
First of all i changed the /web/guest path that's on every liferay page to web/somthing/ this might not play a crucial role but the problems(some of the problems) started when that happend. THe over all idea is the following. I'm using spring mvc to create the application. I have created a backend to my application from where the admin can create pages for other users to see(This is not done by going to the control panel of liferay and adding a page but through the logic of the application). Once a page is created depending on some logic i create a role for that certain page(customer role also through code not the liferay admin). Some of the users are given this role if the satisfy some criteria and some are not. Here my problem arises, once a user that is loged in to my application tries to access a page (by inputting a direct URL in the browser to the page) that requres the view permision of the role i create for that page and the user does not have the appropriate role he gets redirect to lets say localhost/web/(username)/home a personal page and for some reason on that page by default from liferay he is able to view personal data(user name) of all other users of the application. My question is how through code to handle the redirection that happens of the above scenario.
I have tried on one attempt to actualy hook the servlet.service.events.pre action and before the user access that page to check if he has the appropriate permisions and actualy change his request. So far i have some issues but i can resolve them but this approach is not what i not rly what i am looking for because this action is executed before every single request on the application( and the page handling is just small part of that application) which means i will have a lot of code executing for no reason. I was wondering if there are any ways to add where the exception will redirect when i create the role? If not what action should i hook that will help me solve this scenario but with out the unneeded extrea trafic that i am creating with hooking servlet.service.events.pre action?
For the second stuff a bit hacky way could be as follows
1) Define set of roles against which you want to check in portal-ext.properties. You can add some property like my.super.secret.roles=rolename1,rolename2
2) Add a property for a redirect page url in portal-ext.properties so that you can redirect user there.
3)Add a custom attribute for Layout named checkForSecretRoles which has to be boolean and visible on Page. This will show you a checkbox in Manage page for each page, so that an admin can easily check or uncheck the value
4)Add a condition in your theme (portal_normal.vm) to check if the page has a check for secret role and then check the users role falls in any of the roles defined in portal-ext.properties. If yes then issue a redirect to the page specified by your custom redirect page url property
For your first question, it should work -
auth.forward.last.paths=/sign-in
sign-in would be your page name
The answer for your second question is, you have to create a Hook extending Action and made the below entry in your portal-ext.properties.
login.events.post=com.liferay.portal.events.LoginPostAction,com.liferay.portal.events.CustomLandingPageAction
There is a lot of information you can found on forum about how to use this property.
for 1. set default.landing.page.path=/whereiwontittopoint in portal.properties, see Liferay Login page redirect
for 2. create a hook, set servlet.service.events.post=com.my.action.MyAction and impliment this action, at this point you can redirect user to another page.
It is a well known problem to every web developer. As far as I tried to find a good solution to this problem - there was none (or at least I could not find it).
Lets assume the following:
The user does not behave, as he was expected to. The actual project I'm working in uses a navigation within the web portal. But if the user uses the browser's back button, the whole thing becomes jeoprady[?] and the result was not always predictable.
We used the struts framework and stored the back-url into forms - at some places, where we needed a back-url - this has been rendered out of this form's back-url. For there was only a singe field for this information and therefore it was not possible of going back multiple steps.
When you change the "struts-flow" - which may result in using a different form - this information will be lost.
If the user dares to put a bookmark somewhere within your webapp - this information may never have been set and again the result will again be either unpredictable or not flexible enough!
My "solution":
I was storing every navigation-relevant page the user visited onto a stack-like storage into the session. This means a navigation-path is collected and stored for later navigations.
At any page within the webapp, where back-navigations are involved I used a self-made tag which renders the stack-content into the url.
And thats it.
When this back-url was clicked, the stack has been filled with the content from the back-url clicked by the user (which holds all information from the stack once the back-link was rendered).
This is quite clear, because a click on a link is a clear state, where the web developer exactly knows, where the user "is" a this very moment - absolutely independant from whatever the user did before (e.g. hitting the browser back button multiple times). Then the navigation stack is built upon this new state.
Resumé:
It becomes clear, that this won't be the best solution. But it allows storing additional information on the stack like page parameters and some other useful stuff (further developments possible).
So, what were your solutions to this problem?
cheers,
mana
The stack solution sounds interesting, but it will probably break if the user chooses to navigate "in parallel" on different tabs or using bookmarks.
I'm afraid I don't really understand why you have to keep all this state for each user: ideally the web should follow the REST principle and be completely stateless. Therefore a single URL should identify a single resource, without having to keep the navigation history of each user.
If your web app relies heavily on AJAX, you could try to implement something like GMail (admittedly, not so easy...), where each change in the interface is reflected in a change in the page URL. Therefore each page is identified by the current URL and the user can navigate concurrently or use the back button as usual.