I'm using LifeRay in version 6.1 in combination with CAS. For testing purposes, I wanted to deactivate CAS temporarily and use the native login functionality of LifeRay instead. Therefore, I deactivated CAS in the Portal Settings. Now, I cannot login myself in LifeRay, because even if I click on "sign in" I got "You do not have permission to view this page." Where can I activate CAS again in the config-files or database OR how can I return to the native login functionality of LifeRay? Thank you!
Add the following in your portal-ext.properties(You can also create property hook, but since this is temporary, i would recommend you to change this for the moment do the clean up and then remove the property) and restart the server
auto.login.hooks=com.liferay.portal.security.auth.CASAutoLogin,com.liferay.portal.security.auth.FacebookAutoLogin,com.liferay.portal.security.auth.NtlmAutoLogin,com.liferay.portal.security.auth.OpenIdAutoLogin,com.liferay.portal.security.auth.OpenSSOAutoLogin,com.liferay.portal.security.auth.RememberMeAutoLogin,com.liferay.portal.security.auth.SiteMinderAutoLogin,com.liferay.portal.security.auth.ParameterAutoLogin
Once server is restarted add the following parameters to any of liferay's url
?parameterAutoLoginLogin=test#liferay.com¶meterAutoLoginPassword=test
Change credentials to your admin credentials
Related
Hi I am using Keycloak for authentication. I have one separate service for forgot password. I want to redirect keycloak to that service when Forgot Password Link is clicked.
I dont want to use keycloak's forgot password service.
Please Help.
Keycloak's login page is built using Freemarker templates. These are stored in Themes folder inside Keycloak. You can edit these FLT files inside Keycloak's theme folder and make any changes you want - like adding a link to another URL/resource/etc.
The base login theme can be found here -
/standalone/configuration/themes/base/login/login.ftl
Themes can be deployed in multiple ways - as a folder/module/jar. They need to be dropped under -
standalone/configuration/themes
Under keycloak-9.0.3/themes/base/login/ you can find standard templates which names and content you can use for customization. E.g. login-reset-password.ftl.
Then it's recommended better to create a custom theme and under it copy/create your custom template.
At the end don't forget to change the "Login Theme" to your custom one on Keycloak Admin Panel under "Realm Settings" -> "Theme".
i want an automaticalle login in my services when the user is already logged in into cas.
At the moment i must click the login button in every service manually to login.
My goal is when i'am logged in into cas and i join for example my jenkins service my user logged in automatically without clicking the log in button.
Can someone help me?
If you're using something like Spring Security or similar to manage it, then it can do it automatically for you. But since you seems to be making a Single Page Application(as you've said that you're needing a loggin button), and by going with that assuption, you'd need to have that login anyways. Except of course if you've set a script to check if there's a valid cookie already. More details appreciated(sorry, can't just comment)
I've just installed Apache Bloodhound in my server. It's working fine. But with the default settings, anyone can view the list of tickets. I want to change this so that only logged in users are able to view the tickets.
Is it possible? How can I do this?
Default Trac ticket permissions are TICKET_VIEW for 'anonymous' sessions (everyone) and editing for 'authenticated' users, yes.
You'll want to remove TICKET_VIEW, so only authenticated users will see (and modify) tickets. To accomplish that, any user with PERMISSION_REVOKE (inherited by TRAC_ADMIN and PERMISSION_ADMIN as well) is allowed to navigate to the permission web admin page, can check and submit the 'remove' action. Alternatively you could use the trac-admin command:
trac-admin <path_to_trac_env> permission remove anonymous TICKET_VIEW
where you need to replace the path with you real one, like /var/www/trac_env/myTrac.
I just installed latest rhq rhq-server-4.10.0,
I go into
http://myrhq:7080/coregui/
and try to login with admin and with rhqadmin and password used for database, but it doesn't work (actually not strange cause I tried with database password - not application which I don't know).
Where is user / password for
http://myrhq:7080/coregui/ defined ?
How can I login into application ?
BR,
Jakub
The default username/password after install are rhqadmin/rhqadmin as described in the "Running the server" docs.
You can then go in the UI to Administration->Users and change the password:
This is also the place to set up more users and assign them roles etc.
The later is described in the rhq wiki.
I have this problem:
I have enabled Liferay to import and export users from/to OpenLDAP server.
When I create a user in Liferay I obtain this page:
So, I have create a new user and Liferay has assigned to it a password (3zbPk6KA).
But.. if I try to login with new user (and generated password) I obtain the error message of incorrect credentials. In LDAP server I can see the new account but, the corresponding password seems to be different from that generated by Liferay..
In Java console i read this warning:
14:20:15,882 WARN [http-bio-8080-exec-6][LDAPAuth:208] Passwords do not match for userDN cn=myUser,ou=users,dc=myProject,dc=com
Some suggestions?
Had this problem too. what's your value for Ldap password policy and what's your liferay version ?
I think you have 2 options :
Disable Ldap password policy, and if your Liferay version has no bug on exporting new user's autogenerated passwords, Your scenario is supposed to work. Else, you'll have to create a patch/hook that sends that password to LDAP
Enable LDAP password policy, setup a fixed default LDAP password, and hook the login process, so that you inform the new registered user (Screen Message + validation email) on her initial password. Note that there's still a security issue here, because of the fixed password, as someone could create accounts for other users if he knows their e-mails and tries to register before them.
You have to unmark "required" in controlpanel→portal→configuration→autenticathion→LDAP to di
I don't know why that specific scenario doesn't work. I have used Liferay 6.1 and know there are a number of bugs with the LDAP function of version 6.1. The problem that I faced was that checking "Use LDAP Password Policy" resulted in a user being created without a password.
However, if your password is being created in Liferay, you can turn off the export in Liferay LDAP wizard and programmatically export users through a hook using Java LDAP look up. I had to do it and it fixed a number of similar issues for me.
The link is a below
http://abhirampal.com/2014/12/20/liferay-ldap-export-to-active-directory-disabled-user-bug/