I want to use authentication web services that is exposed by my legacy client. But I cannot copy those user information in to liferay database. Can any one help me to write a custom authentication service OR a hook/plugin to reuse my own implementation for authentication?
I want to use authentication web services that is exposed by my legacy client.
You need to implement Liferay's com.liferay.portal.security.auth.Authenticator class to use your own custom authenticator that would call your web services. This can be plugged into Liferay by adding the folliowing to portal-ext.properties: auth.pipeline.pre=[your classpath].
But I cannot copy those user information in to liferay database.
I believe that if you don't want to store your user data in Liferay you can also use auth.pipeline.enable.liferay.check=false in the portal-ext.properties file. Mind you, I'm trying to do the same right now and I'm not having much luck.
Good luck!
Ray
The information Ray you gave is correct, as a hint here: http://www.liferay.com/community/wiki/-/wiki/Main/Developing+a+Custom+Authentication+System is a good step by step tutorial which I do use for a similar approach.
regards
Johannes
Related
So my project has got a two asp.net projects. One is for showing date(User Interface) and the another one is API(for background processes like login, database calls and etc.). Right now my app has Username and Password feature to login. I have setup a startup class in my API which authenticates the user and pass the user token. Now I want to add a feature to login through Azure portal.
Can anyone suggest me a good practice in this situation? Like I don't want to change my code and just add a feature. Should I make changes in API or Web or Both? Meanwhile I was reading about expose api in app registration. Will it be appropriate to use it just for login purposes?
Azure AD supports OAuth2, OIDC and SAML. See more information here. It is probably best to introduce the mechanism through the API first, since it would apply to the frontend as well (though slight modifications may be required there as well).
I have a naive question.
I am looking for some web application that implements Authentication and Authorization mechanism using api keys.
Example Case: Users authenticate themselves using an api key (apikey generation
mechanism is either GOOGLE or any other free service). The logic identify the user along
with the provided apikey and release resource access delegation accordingly]
For me the optimal case is to use Grails framework with oracle database.
Is there any web application for that?, otherwise how would I follow step by step to accomplish it?
I would do a search on the Grails plugin site for oauth plugins:
http://plugins.grails.org/
Look at what they offer, and maybe look at the code to see how you can extend them to get what you want.
I would also take a look at the Spring Security Rest plugin.
It really depends on authentication methods that you're using. I suppose in order to secure REST APIs, you can probably write a filter/interceptor to check against any third party auth that you desire. I reckon that you're probably having the idea of using JWT authentication for this, right?
Any option available to authenticate users accessing my app on bluemix URL?
I want to make a set of audience to use my bluemix URL?Any leads how to implement this?
You can go to your app overview page and click on edit routes. You would see enable app authentication property which by default is OFF. Make that to "ON". After that you need to add member to your organisation who would have access to your app.
Attaching a sample screenshot for your help :
The SSO service is the way to go if all the users accessing your application have an IBM ID. In some cases we have used a more custom api key approach or even pre-exchanged certificates for which you would need to add some code for.
In bluemix you can add people to your organization, once you do that they will be able to manage your app, delete, restart, stop, etc.
Take in mind that you are the one who pay for the app so if they add memory or instances you will be charged for those expenses.
In order to add people to your organization:
Login to https://ace.ng.bluemix.net
Click on 'MANAGE ORGANIZATIONS'
Add/invite a bluemix user to manage your app
Complete documentation on using the OAuth authentication service with the SSO service in BLuemix is available here: https://www.ng.bluemix.net/docs/#services/SingleSignOn/index.html#sso_gettingstarted
Examples and client code also:
https://hub.jazz.net/project/bluemixsso/SingleSignOnSampleClient/overview. The sample application can help you write your own client application to leverage the IBM Single Sign On for Bluemix service's capabilities. You can create your own copy of the code in your own DevOps JazzHub account as well, and then build it and then deploy it to your own IBM Bluemix space.
You need to try single sign on authentication provided by bluemix.
Below is the getting started link with this:
https://www.ng.bluemix.net/docs/#services/SingleSignOn/index.html#sso_gettingstarted
You can get various option to authenticate users(via fb,google) etc and apply in your app.
Please review this link, about Single Sign On.
https://www.ng.bluemix.net/docs/#services/SingleSignOn/index.html#sso_gettingstarted
I hope this help you.
Good luck!
I want to integrate liferay with my existing application, for that i want to use JSON web services offered by liferay, Most of these services (listed at /api/jsonws) ask for authentication token "p_auth", however i don't find any log in or authenticate method in these services which can give me this p_auth token.
My application is php and i am not expert in java, so looking for some REST and/or SOAP based http method to log in/authenticate. Is there any way to do so?
Liferay added p_auth key to links marked with #ActionMapping annotation for preventing CSRF attacks. You can disable this token with
auth.token.check.enabled=false
on the Liferay side (portal-ext.properties file), but in this case anyone could be able to log in in such method.
You can read more here
I'm developing an ASP.NET MVC site that utilizes forms authentication for part of the application. During development, I need to be able to give external parties access to a development server hosting the site. Since I don't want to expose the site to the entire internet, I need to password protect it while still allowing forms authentication to be in use.
Mixing of Windows and forms authentication doesn't work. Is there a standard way of doing this? I would have to think this is a common scenario. The article on MSDN doesn't seem to apply to my situation: http://msdn.microsoft.com/en-us/library/ms972958.aspx
Update: The first two answers suggest adding in standard IIS basic/digest authentication. As far as I know, this is not compatible with forms authentication because the user's identity will be set to the Windows account, not the identity used through forms authentication. I need the two to be completely independent. Any thoughts?
You could protect it in IIS, give those details to the external parties, and leave the forms auth as it is.
Disable anonomous access to force the users to login via a windows account before accessing the site.
I knew a guy who did this using Apache and a reverse proxy.
http://www.apachetutor.org/admin/reverseproxies
Well unfortunately what you're trying to do is not possible in IIS7 (integrated mode), but there is a workaround. I suggest you to read this article written by Mike Volodarsky a former program manager for IIS7 at Microsoft. Article addresses your problem and there is even a sample code you could use.