[Liferay] Liferay enables single-point logon and single-point liferay

Source: Internet
Author: User
Tags ldap openldap

[Liferay] Liferay enables single-point logon and single-point liferay

Last article: single-point logon using Liferay-OpenLDAP


This article does not introduce concepts, but focuses on implementation.


Liferay : 6.1.1 CE GA2  OpenLdap for Windows :openldap-2.4.38-x86  Apache Directory Studio : Apache Directory Studio 2.0.0-M3  CAS : cas-server-3.5.2  Windows : 7 x64  

Chapter 2 CAS Configuration
Download installation: https://www.apereo.org/cas/download
The version used in this article is cas-server-3.5.2-release
Decompress and copy the cas-server-3.5.2-release in the cas-server-3.5.2 \ cas-server-webapp-3.5.2.war \ modules directory and paste it to $ {liferay. home} \ webapps, and rename it to any name you want, such as cas-server, and then restart Liferay server.
Note that all the configuration tutorials on the Internet refer to SSL configuration. CAS Server is used only after SSL is configured. In fact, there is no need between the two, this article uses CAS Server without configuring SSL.
After Liferay is restarted, enter the url http: // localhost: 8080/cas-server/login. Enter a string of the same user name and password. Click "Log On". If the logon is successful, the initial configuration of CAS Server is successful.
But note! It's just a preliminary step. Many tutorials are very irresponsible and end at this point, leaving a semi-finished product for unknown readers.

CAS Sever and Liferay Integration

Modify authenticationHandlers to modify the CAS authentication conditions, as long as the user name and password are equivalent strings, the login successfully found directory cas-server-3.5.2-release \ cas-server-3.5.2 \ cas-server-webapp \ src \ main \ webapp \ WEB-INF, open deployerConfigContext. xml file, locate the following content and comment or delete it

<property name="authenticationHandlers">…</property>

Add original

<property name="authenticationHandlers"><list><bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"p:filter="uid=%u"p:searchBase="dc=example,dc=com"          p:contextSource-ref="contextSource" /></list></property>


P: filter = "uid = % u"-note that uid is used for filtering, and sn can also be used. This depends on the RDN when the user is created, as shown in figure



P: searchBase = "dc = example, dc = com"-corresponds to the root entry of the DIT. For more information about the DIT, see the previous article.


Add contextSource before </beans> at the end of the file

<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">      <property name="pooled" value="true"/>      <property name="urls">        <list>          <value>ldap://localhost:389</value>        </list>      </property>      <!-- <property name="userDn" value="cn=jimbob, dc=example, dc=com"/> -->      <property name="userDn" value="cn=jimbob,dc=example,dc=com"/>      <property name="password" value="dirtysecret"/>      <property name="baseEnvironmentProperties">        <map>          <!-- Three seconds is an eternity to users. -->          <entry key="com.sun.jndi.ldap.connect.timeout" value="3000" />          <entry key="com.sun.jndi.ldap.read.timeout" value="3000" />          <entry key="java.naming.security.authentication" value="simple" />        </map>      </property></bean>

Modify the pom. xml of Maven and compile it in the cas-server-3.5.2-release \ cas-server-3.5.2 \ cas-server-webapp directory find and open pom. xml, add the following before the first dependency, and compile

<dependency>      <groupId>${project.groupId}</groupId>      <artifactId>cas-server-support-ldap</artifactId>      <version>${project.version}</version></dependency>

Use the mvn install command to compile the war file, find the compiled war file in the following directory, copy and paste it to $ {liferay. home} \ webapps, and restart the Liferay server.



If you do not have a Maven environment, or the compilation fails, you can find the cas-server-3.5.2-release directly in the cas-server-3.5.2 \ cas-server-support-ldap-3.5.2.jar \ modules and copy and paste it to $ {liferay. home} \ webapps \ cas-server \ WEB-INF \ lib, the same effect, I do not understand why I have to compile it again.
If you use CAS Server directly after completing the previous step, it will include, because there is still one less package, spring-ldap-core-1.3.2.RELEASE.jar, download one on the Internet, and agree to paste it to $ {liferay. home} \ webapps \ cas-server \ WEB-INF \ lib.

Configure CAS Server in Liferay



So far, the integration of CAS Server and Liferay is complete.


Cas in Liferay portal for single-point Logon

The Single Sign-On Function of the Portal is based on the Application Integration System. The unified Identity Authentication system implements the Single Sign-On Portal product of the system. The Liferay Portal provides content integration for multiple independent systems, helping multiple organizations

For liferay to clear the built-in portlet on the main interface, simply put it is liferay slimming liferay version liferay-portal-610-ce

The portlet can be deleted directly from the page. Each portlet has a fork flag in the upper right corner.
 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.