1. Home
  2. Development
  3. RE: Login process customize

RE: Login process customize

Deepak Panda, modified 6 Years ago.
Login process customize
New Member Posts: 18 Join Date: 4/19/19 Recent Posts
Hi,

I am using liferay 7.1 in my project, where user authenticate through LDAP. But I need to authenticate user on with condition.

1) First user authenticate with LDAP. (Which I have already done)
2) If user authetication failed from LDAP, than custom login class called where user authenticate from liferay database with some condition.

Kindly help me to find any solution on it.
thumbnail
Christoph Rabel, modified 6 Years ago.
RE: Login process customize
Liferay Legend Posts: 1555 Join Date: 9/24/09 Recent Posts
You probably need to implement your own authenticator:
https://dev.liferay.com/en/develop/tutorials/-/knowledge_base/7-0/authentication-pipelines
Deepak Panda, modified 6 Years ago.
RE: Login process customize
New Member Posts: 18 Join Date: 4/19/19 Recent Posts
 Hi Christoph,
I have already tried it through provided URL.

Actually my problem is, I have two type of user in liferay database.
1) LDAP imported, 2) Manually created from admin

I want to authenticate in one way, means, if user exist in ldpa(connected to AD) and password failed, than no need to call "auth.pipeline.post".
If user not in ldap, than to call "auth.pipeline.post", which is my own custom authentication class.

Currently, what happend, if user failed from LDAP, than it again try to authenticate it from database through "auth.pipeline.post" and login successfully.
thumbnail
Andrew Jardine, modified 6 Years ago.
RE: Login process customize
Liferay Legend Posts: 2416 Join Date: 12/22/10 Recent Posts
I wonder if you could override the service with a higher ranking --
@Component(
   immediate = true, property = "key=auth.pipeline.pre",
   service = Authenticator.class
)
public class LDAPAuth implements Authenticator {

.. this way you could implement your own logic when the process failed. The only thing is that, at least from my experience, sometimes I have tried this only to find that there are some internal classes that I can't access. There are tricks to get around this scenarion (David Nebinger wrote a great blog post outlining one way to do it) -- but looking at the import statements in that class, I don't actually see any explicit "internal" package references. 

NOTE: According to the docs (in the portal.properties), the auth.pipeline.post is actually depracated and doesn't seem to be used anymore.
thumbnail
Christoph Rabel, modified 6 Years ago.
RE: Login process customize
Liferay Legend Posts: 1555 Join Date: 9/24/09 Recent Posts
Workaround idea: Can't you simply set the Liferay password for users from ldap to something secret (really long and random)? Then ldap users can only authenticate through ldap.