Logging in Liferay user without password

I need to login the user in Liferay by authenticating against an external system. However, I still need to have a valid Liferay session. So, I need to login to Liferay by

I did few things:

These did not work. Here is an explanation of these approaches. The idea is to include //Call external system to authenticate will be included if these methods work. Please correct where I m making the mistake and if some approach is better compared to other.

1. Autologin:

a. Set portal-ext.properties

 auto.login.hooks=com.poc.AutoLoginFil

b. Create a class

public class AutoLoginFilter implements AutoLogin {

    public AutoLoginFilter() {
        super();
    }

    @Override
    public String[] login(HttpServletRequest req, HttpServletResponse arg1) throws AutoLoginException {

//Call external system to authenticate 
        User user =  UserLocalServiceUtil.getUserByScreenName(company.getCompanyId(), login);
         credentials[0] = String.valueOf(user.getUserId());

        credentials[1] = "undefined";
        credentials[2] = Boolean.TRUE.toString();

            return credentials;
    }
}

c. Deploy the plugin project, restart the server and go to http: //localhost:8080/web/guest/home . This should log in as joebloggs

This did not work

2. Hooks to UserLocalService.authenticateByScreenName override

a. In liferay-hook.xml

<service>
        <service-type>
            com.liferay.portal.service.UserLocalService
        </service-type>
        <service-impl>
            com.test.UserService
        </service-impl>
    </service>

b. Extend UserLocalServiceWrapper and use the custom class.

public class UserService  extends  UserLocalServiceWrapper
{

@Override
    public int authenticateByScreenName(long companyId, String screenName, String password, Map headerMap, Map parameterMap, Map resultsMap)
    {
//Call external system to authenticate 
        String name = "";
        log.info(screenName);
        return SUCCESS;
    }

}

When I login, it should work with any password. It does not.

3. auth.pipeline pre and check = false

a. In portal-ext.properties

auth.pipeline.enable.liferay.check=false
auth.pipeline.pre=com.test.AutoLoginCustom

b. Then, in

public class AutoLoginCustom implements AutoLogin
{

@Override
public String[] login(HttpServletRequest arg0, HttpServletResponse arg1)
            throws AutoLoginException {

@Override
    public String[] login(HttpServletRequest arg0, HttpServletResponse arg1)
{
//Call external system to authenticate 
  credentials[0] = "joebloggs";

        credentials[1] = "undefined";
        credentials[2] = Boolean.TRUE.toString();

            return credentials;
}

c. Deploy the project and restart the server. Go to http://localhost:8080/web/guest/home. Login using username and different password. It does not login. It does not even hit the debug point in the AutoLoginCustom java.

4. LoginFilter In the liferay-hook.xml,

<servlet-filter>
        <servlet-filter-name>Login</servlet-filter-name>
        <servlet-filter-impl>com.test.AutoLoginFilter</servlet-filter-impl>
    </servlet-filter>

In AutoLoginFilter

public class AutoLoginFil implements Filter
{

    @Override
    public void doFilter(ServletRequest arg0, ServletResponse arg1,
            FilterChain arg2) throws IOException, ServletException {

//Call external system to authenticate 
        log.debug("doFilter");

    }
}

The debug filter is not called.

Is there mistakes in any of these approaches and if yes, what is it and is there a different approach to do this? I had already looked at the following references.

How do I use autologin in liferay?

Liferay - AutoLogin + Authenticator - Get Credentials From Request Header

I did some more playing around and i was able to figure out way to solve this.

The answer for
2. Hooks to UserLocalService.authenticateByScreenName override

Step 1:

<service>
        <service-type>
            com.liferay.portal.service.UserLocalService
        </service-type>
        <service-impl>
            com.test.UserService
        </service-impl>
    </service>

Step 2:

Extend UserLocalServiceWrapper and use the custom class.

public class UserService  extends  UserLocalServiceWrapper
{

@Override
    public int authenticateByScreenName(long companyId, String screenName, String password, Map headerMap, Map parameterMap, Map resultsMap)
    {
//Call external system to authenticate 

        if(externalAuthenticationSuccess)
        {
          return Authenticator.SUCCESS;
       }
       else
       {
         return Authenticator.FAILURE; 
       } 

}

This works, when deployed.

This was not working when I posted the question because:

When I deployed using the Eclipse Tomcat Server as well, it caught the breakpoint.

The answer to

public class CustomAuthenticator implements Authenticator
{
    @Override
    public int authenticateByScreenName(long companyId, String screenName, String password,
            Map<String, String[]> headerMap, Map<String, String[]> parameterMap) throws AuthException {



    //Call external system to authenticate 
    if(externalAuthenticationSuccess)
    {
        return Authenticator.SUCCESS;
    }
    else
    {
        return Authenticator.FAILURE; 
    } 


    }
}

This works too, but it worked only in JBoss, not in Tomcat. I deployed the portal-ext.properties in

TOMCAT_HOMEwebappsROOTWEB-INFclasses

In JBoss EAP, it is under Liferay_Home. It might not have picked up the property in Tomcat, but did in JBoss.

The other possible solutions posted in the question might work too, but I did not explore everything to find the mistakes in the configuration.

If there is any comment or question about these solutions, please post and I ll be happy to provide further step. Thank you.

上一篇: ldap和liferay密码策略

下一篇: 在没有密码的情况下登录Liferay用户