I'm using an external token service to validate my users and they then get redirected to the portal (portal url + some get parameters).
Now I would like to log these users in the portal.
Since the external authentication service is outside of my control I can't just tie it in with the portal login. And since I can't decrypt the portal user account password I can't just create an ext-plugin
and log in through that.
So I searched a bit and stumbled upon the fact that liferay has an autologin.
Now I was wondering:
- can I just use this in a normal portlet, or does it also need to be in ext (still don't know how to exactly do that)
- which session variables/cookies do I need to make?
- does anyone have a code snippet/tutorial since I have yet to find a complete one.
- how feasible is this when keeping future versions of liferay in mind?
What's this "external token service"? Is it an SSO (Single Sign On) system that Liferay happens to work with out of the box?
Take a look at liferay's web.xml - there's a lot of SSO filters in there - you'll find the implementation in liferay's source code. These filters are used for handling SSO systems and do everything that's necessary to log someone in without username/password validation in the portal itself. You might be able to find the variant that best suites your needs here.
Create your own filter (implements com.liferay.portal.security.auth.AutoLogin):
and implement login method with code:
where authenticatedUserId is equal to ID of the authenticated user in Liferay directory.
Add you filter as hook (file /WEB-INF/classes/portal.properties in your web app):