Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-13060

Siteminder Authentication and Custom Authorization(Using tomcat-users.xml or having Customer User Realm for authorization)

    Details

    • Branch Version/s:
      5.2.x

      Description

      I am new to liferay portal. I am afraid, the questions being raised might be simple, but I am not aware. Please clarify.

      We are trying to build a Portal using Liferay on Tomcat. This Portal should be authenticated by Netegrity SiteMinder and we have our internal authorization mechanism which is built on tomcat security . I have questions on two areas which I have listed below

      1. Question on Enabling Siteminder in Liferay
      When siteminder is enabled within Liferay, is it necessary for us to still configure the user in liferay portal to have the siteminder authenticated user get into the portal page.

      2. Authorizations - My objective is to avoid configuring User and Roles and their associations in Liferay. This is because the portal which we want to built should rely on the tomcat security customized framework which is already in place.

      I deployed a portlet which has set of links available and these links should be available based on the user permissions. So I configured the users and set of roles in tomcat-users.xml and also defined the role-mapping in liferay-portlet.xml,portlet.xml,web.xml and deployed the portlet and also changed the Realm Configuration in liferay.xml as below
      <Realm className="org.apache.catalina.realm.MemoryRealm"

      appName="PortalRealm" userClassNames="com.liferay.portal.security.jaas.PortalPrincipal"

      roleClassNames="com.liferay.portal.security.jaas.PortalRole"

      debug="99" useContextClassLoader="false"/>

      I logged into to Liferay Portal with a user (configured both in liferay and tomcat-users.xml and added the Portlet on the page and see the links are not displayed as the request.isUserInRole("Role x") returned false. When I tried configuring the same role and associated it to the user, I saw the link working. But the expected behaviour is not seen.

      Please help me on this. Appreciate a quick response.

      Thanks
      Kalaiarasan

        Attachments

          Activity

            People

            Assignee:
            michael.saechang Michael Saechang
            Reporter:
            kalai106 Kalaiarasan Subramanian (Inactive)
            Participants of an Issue:
            Recent user:
            Esther Sanz
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              7 years, 47 weeks, 3 days ago

                Packages

                Version Package
                --Sprint 11/12
                6.2.0 CE M2