Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 5.0.1
    • Fix Version/s: 5.1.0
    • Component/s: None
    • Labels:
      None
    • Similar Issues:
      Show 5 results 

      Description

      See http://www.lagjazz.com/web/guest/home/blogs/integraded_liferay_with_opensso

      From Tony Lin:

      I was trying to enable OpenSSO for Liferay, but could not get it to work after enabled OpenSSO in the Liferay Admin, so I decided to look into the code in order to find out why it didn't work for me.

      After spent few days on the source code of both OpenSSO and Liferay, I found few bugs in Liferay's OpenSSO integration code and finally got it to work, here are those changes:

      1) in the file portal-impl/src/com/liferay/portal/security/auth/OpenSSOAutoLogin.java

      Change this line:

      BufferedReader reader = new BufferedReader(
      new InputStreamReader((InputStream)con.getContent()));

      to:

      BufferedReader reader = new BufferedReader(
      new InputStreamReader((InputStream)con.getInputStream()));
      Reason: getContent() will first check the "Content-Type" header of the response content, and then create the proper content handler according to the content type, but unfortunately, OpenSSO returns a page without the "Content-Type" header, so getContent will throw an exception.

      2) in the same file, when caught the NoSuchUserException, it will try to add the new user as a new into Liferay, but sometimes it could not find the default theme and the locale for the new user, and it will fail to add the new user.

      I changed this part (within "catch (NoSuchUserException nsue)") from:

      ThemeDisplay themeDisplay = (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
      user = addUser(companyId, firstName, lastName, emailAddress, screenName, themeDisplay.getLocale());to:

      ThemeDisplay themeDisplay = (ThemeDisplay)req.getAttribute(WebKeys.THEME);
      Locale themeLocale = null;
      themeLocale = themeDisplay==null ? Locale.CANADA : themeDisplay.getLocale();
      user = addUser(companyId, firstName, lastName, emailAddress, screenName, themeLocale);

      3) under the Liferay web interface Liferay=> Enterprise Admin=>Settings=>Authentication=>OpenSSO

      Change the LoginURL to something like:

      http://YOUR.OPENSSO.DOMAIN/opensso/UI/Login?goto=http://YOUR.LIFERAY.DOMAIN/c/portal/login

      and Change the LoginoutURL to something like:

      http://YOUR.OPENSSO.DOMAIN/opensso/UI/Logout?goto=http://YOUR.LIFERAY.DOMAIN/web/guest/home

      Reason: This will fix the issue of needing to login twice.

      But, there is another problem need to be fixed, when the session times out, the cookie(OpenSSO token) remains in the browser, so when you are trying to login again, Liferay will still try to verify the SSO token with the OpenSSO server, and it will then failed on the OpenSSO server, so Liferay will redirect you back to Liferay login page, so you will not be able to login to OpenSSO again unless you delete your saved cookies in your browser.

      So when the session times out, we need to remove all OpenSSO (or the current SSO solution) cookie from the client side browser so the users are able to login again.

      Hope this is helpful for those who want to use OpenSSO with Liferay, but you will need to setup Liferay dev environment to compile the code after the changes.

        Activity

        Hide
        bvj added a comment - - Restricted to

        >> But, there is another problem need to be fixed, when the session times out, the cookie(OpenSSO token) remains in the browser,

        Has this issue been resolved? If not, can the poster of the issue confirm the bug still exists with the current patches and post a separate bug report?

        Show
        bvj added a comment - - Restricted to >> But, there is another problem need to be fixed, when the session times out, the cookie(OpenSSO token) remains in the browser, Has this issue been resolved? If not, can the poster of the issue confirm the bug still exists with the current patches and post a separate bug report?

          People

          • Assignee:
            SE Support
            Reporter:
            Brian Chan
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development

                Structure Helper Panel