We are setting up a portal based on Liferay at the same time we are moving our insitution's intranet onto Tridion CMS.
Tridion is using google mini as its search tool, while Liferay is using lucene.
What we want is a single search that indexes both systems.
The big issue for us is that Liferay is using CAS for authentication and we are not sure how to get google mini authenticated into liferay.
I have the same problem. I am going to create a service-api-admin account in liferay and add an additional authentication AutoLogin via the auto.login.hooks property (in portal-ext.properties). That authenticator will use the liferay database password value to verify the service-api-admin account without going through CAS so you will be able to supply authentication with your REST calls.
You can set LDAP for Liferay and Google mini can LDAP too.
Related
I have a basic ASP.NET MVC 3 site using Forms authentication, which will be internet-facing.
I also want to implement a Windows application, purely for intranet usage, which will allow users to maintain various aspects of the ASP.NET user database (it has additional tables and fields beyond the stock schema).
My initial thoughts are that I could do this by having various actions in my controller classes, into which I could pass a dedicated username/password and then within each action method validate those credentials using Membership.ValidateUser() .
I realise I could use mixed-mode authentication with Windows authentication for the intranet part but this seems to me like a lot of unnecessary faffing since the intranet users won't be using a browser to do this.
The Windows application will running on the corporate intranet and will be accessing those MVC 3 actions on the website via internal HTTP requests using this dedicated username/password in the query string.
Question: Is this safe enough?
Hi we have a similar situation, we chose to build the management interface into the web application and using ASP_NET Roles to give access to it.
Otherwise (not sure how it works) but in the properties of a Windows Forms project you have the option of using forms authentication, this could possibly be a better solution.
being completely new to the Sharepoint scene, I was wondering what basic solutions are to the problem I'm facing.
I have 2 different webapplications, which are both accessed by my clients by different logins.
I want to simplify things and let them just log in on a Sharepoint application, so they have 2 links on their portal to the webapplications, without having to login again, preferably without changing the existing webapplications.
Is this possible using the Secure Store Service in Sharepoint 2010? Or are there better options?
What kind of authentication mechanism you use on your sites? Maybe you should consider using Windows Integrated Authentication and not handle the whole authentication issue at all?
If you are using forms authentication, you can point sharepoint at the same authentication database as your other applications.
I want to use authentication web services that is exposed by my legacy client. But I cannot copy those user information in to liferay database. Can any one help me to write a custom authentication service OR a hook/plugin to reuse my own implementation for authentication?
I want to use authentication web services that is exposed by my legacy client.
You need to implement Liferay's com.liferay.portal.security.auth.Authenticator class to use your own custom authenticator that would call your web services. This can be plugged into Liferay by adding the folliowing to portal-ext.properties: auth.pipeline.pre=[your classpath].
But I cannot copy those user information in to liferay database.
I believe that if you don't want to store your user data in Liferay you can also use auth.pipeline.enable.liferay.check=false in the portal-ext.properties file. Mind you, I'm trying to do the same right now and I'm not having much luck.
Good luck!
Ray
The information Ray you gave is correct, as a hint here: http://www.liferay.com/community/wiki/-/wiki/Main/Developing+a+Custom+Authentication+System is a good step by step tutorial which I do use for a similar approach.
regards
Johannes
I'm developing an ASP.NET MVC site that utilizes forms authentication for part of the application. During development, I need to be able to give external parties access to a development server hosting the site. Since I don't want to expose the site to the entire internet, I need to password protect it while still allowing forms authentication to be in use.
Mixing of Windows and forms authentication doesn't work. Is there a standard way of doing this? I would have to think this is a common scenario. The article on MSDN doesn't seem to apply to my situation: http://msdn.microsoft.com/en-us/library/ms972958.aspx
Update: The first two answers suggest adding in standard IIS basic/digest authentication. As far as I know, this is not compatible with forms authentication because the user's identity will be set to the Windows account, not the identity used through forms authentication. I need the two to be completely independent. Any thoughts?
You could protect it in IIS, give those details to the external parties, and leave the forms auth as it is.
Disable anonomous access to force the users to login via a windows account before accessing the site.
I knew a guy who did this using Apache and a reverse proxy.
http://www.apachetutor.org/admin/reverseproxies
Well unfortunately what you're trying to do is not possible in IIS7 (integrated mode), but there is a workaround. I suggest you to read this article written by Mike Volodarsky a former program manager for IIS7 at Microsoft. Article addresses your problem and there is even a sample code you could use.
Besides what it comes with in 2.0 (the generated aspnetdb.mdf), is there a standard login authorization authentication system for asp.net Internet websites? One that can plug into a website.
"the generated aspnetdb.mdf" is the ASP.NET Membership model. You can use it in websites without the generated aspnetdb.mdf.
From an article in MSDN called Introduction to Membership:
ASP.NET membership gives you a
built-in way to validate and store
user credentials. ASP.NET membership
therefore helps you manage user
authentication in your Web sites. You
can use ASP.NET membership with
ASP.NET Forms authentication or with
the ASP.NET login controls to create a
complete system for authenticating
users.
See my answer and comments here, too.
You can use aspnet_regsql.exe to create the required tables/sprocs/views in any sql server db of your choosing. Once you've added the proper connection string and membershhip configuration, you can use all of the membership stuff that was added with .net 2.0
4 Guys has a pretty good tutorial on how to implement the membership system, and they cover using aspnet_regsql.exe.