Liferay using Google as an LDAP ServerLiferay using Google as an LDAP Serverhttps://liferay.dev/en/c/message_boards/find_thread?p_l_id=119785294&threadId=1223698232026-04-09T12:09:56Z2026-04-09T12:09:56ZRE: RE: Liferay using Google as an LDAP ServerMark Andrewshttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785294&messageId=1233423492025-04-08T15:52:46Z2025-04-08T15:52:45Z<p>Sorry, I somehow missed this reply! </p>
<p>This all became irrelevant for us, as we're now using SAML for SSO
and user provisioning, with a custom post login module. And this
seems to be working for us.</p>
<p>We were unable to expose the Google LDAP via SCIM, although Google
does support SCIM it does, only for specific applications that can be
selected from a list! This may have changed, and I'm sure there will
eventually be a 'custom' app support for this, but we found another way!</p>Mark Andrews2025-04-08T15:52:45ZRE: RE: Liferay using Google as an LDAP ServerZsigmond Rabhttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785294&messageId=1223872502024-02-07T15:57:09Z2024-02-07T15:57:08Z<p>Hi Mark,</p>
<p>Sorry about being sloppy in my comment on the ticket.</p>
<p>One of the purposes of the SCIM is the same as the LDAP, to do the
user provisioning. However, SCIM is more flexible. As the LDAP
providers can generally act as a SCIM client, this is a way of
provisioning user data that can be considered to change to. That may
be able to solve such keystore related problems also with delegating
that to the SCIM client. We would also support this direction.</p>
<p>That may be quicker, easier and less painful to implement than a
properly working LDAP integration with key and certs added to a keystore.</p>
<p>Cannot that work to you?</p>
<p>Regards,<br> Zsigmond<br> </p>Zsigmond Rab2024-02-07T15:57:08ZRE: RE: Liferay using Google as an LDAP ServerMark Andrewshttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785294&messageId=1223833972024-02-06T12:56:00Z2024-02-06T12:56:00Z<p>I saw the comment on the new feature request asking if SCIM would
help with this issue. I read a little about it, and this talks about
Identity management, so not really sure how this would help, as I am
just wanting to use the Liferay LDAP integration, but with Google!
This is a feature that I'd like sooner, rather than later, so not sure
waiting for an SCIM implementation will be possible, and the first
delivery will likely have issues! Based on previous experience!</p>
<p>I did not comment on the ticket directly, as I seem to not be able to
get into the Jira system, I have had this issue before and it seems to
stem from Us having our own Jira instance, and I just seem to get
stuck in a lop trying to log in.</p>
<p>Regards</p>Mark Andrews2024-02-06T12:56:00ZRE: Liferay using Google as an LDAP ServerJamie Sammonshttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785294&messageId=1223728102024-01-31T20:09:07Z2024-01-31T20:09:06Z<p>Feature Request Created: https://liferay.atlassian.net/browse/LPD-16284</p>Jamie Sammons2024-01-31T20:09:06ZLiferay using Google as an LDAP ServerMark Andrewshttps://liferay.dev/en/c/message_boards/find_message?p_l_id=119785294&messageId=1223698222024-01-31T17:41:34Z2024-01-30T15:19:08Z<p>Hi All, </p>
<p> </p>
<p>Liferay is unable to support Google LDAP, google uses a key and
certificate for authorisation. If I follow their instructions on
combining the key and cert into a pkcs13 format and adding it to the
Keystore. This works with standard Java, but for some reason, does
not work with Liferay. The support team have provided a workaround,
which is to use stunneling, which Liferay have tested, so I will try
this, but this means that the connection Liferay is making will have
to be done in plain text.</p>
<p>So, I request that Liferay make some changes to support certificate
authentication so that Google LDAP can be used as an authentication
mechanism directly, and without an stunnel.</p>
<p>Regards</p>Mark Andrews2024-01-30T15:19:08Z