Ask Questions and Find Answers
Important:
Ask is now read-only. You can review any existing questions and answers, but not add anything new.
But - don't panic! While ask is no more, we've replaced it with discuss - the new Liferay Discussion Forum! Read more here here or just visit the site here:
discuss.liferay.com
RE: Import User specific fields from the Active Directory
Hello,
We are using Liferay 6.2 GA4 with Tomcat 7, and integration with Active Directory to import users and groups.
We need to import three fields within the portal that are not established on the basis portal-ext.properties :
For this import were assessing the implementation of a class and the use of the attribute :
ldap.attrs.transformer.impl = com.liferay.portal.security.ldap.DefaultAttributesTransformer
We have seen that the solution is not suited to what we need as it is a transformation before importing the user does not during or after , so we are studying the implementation of a HOOK or EXT
We need to change this behavior Import, What would be the best way to approach development?
Any help would be much appreciated. Thanks.
We are using Liferay 6.2 GA4 with Tomcat 7, and integration with Active Directory to import users and groups.
We need to import three fields within the portal that are not established on the basis portal-ext.properties :
- Phone
- Address
- Subprofile
For this import were assessing the implementation of a class and the use of the attribute :
ldap.attrs.transformer.impl = com.liferay.portal.security.ldap.DefaultAttributesTransformer
We have seen that the solution is not suited to what we need as it is a transformation before importing the user does not during or after , so we are studying the implementation of a HOOK or EXT
We need to change this behavior Import, What would be the best way to approach development?
Any help would be much appreciated. Thanks.
Hi Rocío de la Obra,
As you can see below.
You can write your own implementation of the com.liferay.portal.security.ldap.AttributesTransformer class. the class should implements the com.liferay.portal.security.ldap.AttributesTransformer interface. and create a portal.properties hook that will override the ldap.attrs.transformer.impl properties in your hook. That is the best way to work with liferay.
You can follow the hook guide here..
Thanks
Chandan
As you can see below.
# You can write your own class that implements
# com.liferay.portal.security.ldap.AttributesTransformer to transform the
# LDAP attributes before a user or group is imported to the LDAP store.
#
# This property is not read by the portal except for portal properties
# overridden by liferay-hook.xml. It remains here only as a reference.
#
#ldap.attrs.transformer.impl=com.liferay.portal.security.ldap.DefaultAttributesTransformerYou can write your own implementation of the com.liferay.portal.security.ldap.AttributesTransformer class. the class should implements the com.liferay.portal.security.ldap.AttributesTransformer interface. and create a portal.properties hook that will override the ldap.attrs.transformer.impl properties in your hook. That is the best way to work with liferay.
You can follow the hook guide here..
Thanks
Chandan
Hello,
We saw that property but it described the implemented class is called before importing data from Active Directory.
The development we have to do is one of those transforming them into a category of user fields and keep the phone number and address in the corresponding user fields .
To do this, we do not believe that we ldap.attrs.transformer.impl property can be useful in this case.
Thank you Chandan
We saw that property but it described the implemented class is called before importing data from Active Directory.
The development we have to do is one of those transforming them into a category of user fields and keep the phone number and address in the corresponding user fields .
To do this, we do not believe that we ldap.attrs.transformer.impl property can be useful in this case.
Thank you Chandan
Rocío de la Obra:
Hello,
We saw that property but it described the implemented class is called before importing data from Active Directory.
The development we have to do is one of those transforming them into a category of user fields and keep the phone number and address in the corresponding user fields .
To do this, we do not believe that we ldap.attrs.transformer.impl property can be useful in this case.
Thank you Chandan
Hi,
Yes you are right, in this property you can only transform the existing attribute of ldap which is coming from ldap and if it is not having the keys which liferay is using to get the value, so you can transform it as per liferay, and you attributes will be used to create the user. but your requirement is to update the user with the your listed attribute. Phone no etc....
if you see the liferay source code you can find the class com.liferay.portal.security.ldap.PortalLDAPImporterImpl and importLDAPUser() method which is responsible to import and create user from ldap. and again this method calling importUser() method to get user from ldap attributes and creates the user.
protected User importUser(
long ldapServerId, long companyId, Attributes attributes,
Properties userMappings, Properties userExpandoMappings,
Properties contactMappings, Properties contactExpandoMappings,
String password)
throws Exception {
-----------------------------------------------------
-------------------------------------------------------
}
Again there is a class com.liferay.portal.security.ldap.DefaultLDAPToPortalConverter and method importLDAPUser() which is responsible for creating LDAPUser object from attributes which is lastly converted to the Liferay user object and store in liferay DB. if you see that method you will find it will read only predefined attributes.
@Override
public LDAPUser importLDAPUser(
long companyId, Attributes attributes, Properties userMappings,
Properties userExpandoMappings, Properties contactMappings,
Properties contactExpandoMappings, String password)
throws Exception {
----------------------------------------
---------------------------------------------------------
return ldapUser;
}
So you can do two things. If you can implement EXT then modify the class com.liferay.portal.security.ldap.PortalLDAPImporterImpl and importUser() method to read your defined attributes and set it to liferay user. but for ext you have to modify the classes and the spring beans class also in ldap-spring.xml to use your implementation.
<bean id="com.liferay.portal.security.ldap.PortalLDAPImporterUtil" class="com.liferay.portal.security.ldap.PortalLDAPImporterUtil">
<property name="portalLDAPImporter">
<bean class="com.liferay.portal.security.ldap.PortalLDAPImporterImpl">
<property name="LDAPToPortalConverter" ref="ldapToPortalConverter" />
</bean>
</property>
</bean>
Another solution is if You are not comfortable with ext plugin.
1. you can create a service wrapper hook of user and override the add user and update user method so when the user will be added or modified you can update the user with your custom attribute value. Or
2. create a Model Listener hook for User so when the user get created or updated you can update the User with your custom attribute value.
In the implementation of any kind of hook listed above connect to the ldap and get the respective attributes and set to the user. but in this case you have to manage your own ldap context and everything. because you cannot use the liferay LDAP context i believe (I am not sure). or you can try to get Liferay LDAP context by using reflection. you can see here how to use reflection in liferay.
Thanks
Chandan
Hi All,
I want add one regular role to LDAP users programatically while importing LDAP users to liferay .
How to achieve this in liferay DXP?
How to customize the PortalLDAPImporterImpl and importUser() method through liferay dxp module project?
Please help me out.
Copyright © 2025 Liferay, Inc
• Privacy Policy
Powered by Liferay™