1. Home
  2. Development
  3. RE: How to implement Token authentication for Liferay JSON remote services

RE: How to implement Token authentication for Liferay JSON remote services

Vishnu S Kumar, modified 5 Years ago.
How to implement Token authentication for Liferay JSON remote services ?
Regular Member Posts: 131 Join Date: 7/28/17 Recent Posts
I need to enable guest users to pass a token while accessing remote services and allows/deny users from using the service based on token validation.  I'm hoping to do this validation in some pipelines. These remote services should be accessible from other apps outside the Liferay. How to implement this in Liferay DXP 7.0?
thumbnail
krishna patel, modified 5 Years ago.
RE: How to implement Token authentication for Liferay JSON remote services
New Member Posts: 14 Join Date: 5/21/18 Recent Posts
Hey Vishnu, If I am getting your question, You want to authenticate user by custom token instead of few existing method on Liferay (Basic, OAuth). If yes, Then we can do it by implementing custom AuthPipeline in Liferay. Find example code (here). It is for Liferay 6.2 I will try to update it for 7.1/7.2.
Vishnu S Kumar, modified 5 Years ago.
RE: How to implement Token authentication for Liferay JSON remote services
Regular Member Posts: 131 Join Date: 7/28/17 Recent Posts
Thanks, Krishna. I actually tried your code but it's not working on 7.0. I really appreciate it if you can try reproducing it to 7.0.

krishna patel:

Hey Vishnu, If I am getting your question, You want to authenticate user by custom token instead of few existing method on Liferay (Basic, OAuth). If yes, Then we can do it by implementing custom AuthPipeline in Liferay. Find example code (here). It is for Liferay 6.2 I will try to update it for 7.1/7.2.
thumbnail
krishna patel, modified 5 Years ago.
RE: How to implement Token authentication for Liferay JSON remote services
New Member Posts: 14 Join Date: 5/21/18 Recent Posts
I have updated AuthVerifier for liferay 7.1. Find release here(https://github.com/krishnaapatel/LiferayCustomAuthVerifier/releases/tag/v2.0). Any updates/pull requests are welcome.
thumbnail
Danilo Buzar, modified 5 Years ago.
RE: How to implement Token authentication for Liferay JSON remote services
New Member Posts: 3 Join Date: 7/13/17 Recent Posts
Hi Vishnu,

Have you already tried add your service and method under Control Panel > Configuration > Policy Access Service? Adding your service there you remove authentication to access your service.
Vishnu S Kumar, modified 5 Years ago.
RE: How to implement Token authentication for Liferay JSON remote services
Regular Member Posts: 131 Join Date: 7/28/17 Recent Posts
It will make the service open without any authentication right. I don't want that. I just need to use a token-based authentication instead of the basic auth when accessing it remotely.
Danilo Buzar:

Hi Vishnu,

Have you already tried add your service and method under Control Panel > Configuration > Policy Access Service? Adding your service there you remove authentication to access your service.
thumbnail
Mohammed Yasin, modified 5 Years ago.
RE: How to implement Token authentication for Liferay JSON remote services
Liferay Master Posts: 593 Join Date: 8/8/14 Recent Posts
Hi ,
You can try OAuth2 also, in this user can send the client id and client secret to get the token and use that to access services,  you can refer below 
https://help.liferay.com/hc/en-us/articles/360018176511-Authorizing-Account-Access-with-OAuth2#client-credentials-and-resource-owner-flows