Sameer Naik 9 Years Ago Need few clarifications. Is user logged into LCP different from user who authenticates at LSP during authorization? in other words, is oauth used to login to LCP? Please sign in to reply. Reply as... Cancel Igor Beslic Sameer Naik 8 Years Ago - Edited Hi Sameer, given example is quite confusing since we have 2 Liferay portals. If LCP belongs to Company1 and LSP to Company2 it is more likely that user databases will differ, and User credentials used to login to LCP are not same as those used for LSP. However if LCP and LSP belong to same company, and User databases are synced via LDAP than yes, those are same users.OAuth is not used to login, I see it more likely as a way to authorise 3rd party device/machine/site to access particular resources without storing your credentials (user name/pass) at 3rd party device/machine/site.Hope this helps? Please sign in to reply. Reply as... Cancel Sharavan Maripelli Igor Beslic 8 Years Ago Hi Igor,We are planning to configure the third-party Authentication provider to handshake with the Liferay Portlet. Did we have any suggestions how we can proceed to integrate with the third-party Authentication provider which using OAuth with LiferayDid you have the OAuth Client Portlet code available in git ? Please sign in to reply. Reply as... Cancel Igor Beslic Sharavan Maripelli 8 Years Ago HI Sharavan, this link could help you:https://dev.liferay.com/develop/tutorials/-/knowledge_base/6-2/authorizing-access-to-services-with-oauthComplete AOauth consumer portlet code is available only for customers with subscriptions. Please sign in to reply. Reply as... Cancel divya goyal Igor Beslic 7 Years Ago Need some clarification regarding the below use case: As per my use case the Oauth token provider in the third party application which will be authorizing the user and the user credentials are also not stored in the same database and i need to build the consumer of oauth token on liferay and authorize the user after successfully verifying the token.Can this plugin support this use case for consuming the oauth token and authorizing the user without having the password stored at same database with only having the emailAddress value in the token so that we can identify the user in the system to verify this user exists and on the basis of trust based on token the user can login into Portal and access the application the same way it access the application while directly login into portal.Please suggest, as i am very new to oauth way of accessing the application. Please sign in to reply. Reply as... Cancel Igor Beslic divya goyal 7 Years Ago - Edited Hi Divya, this article gives you guidelines how to develop portlet whose requests to access remote resources are authorized via OAuth. In this example Liferay OAuth Provider plugin is what you call "third party application which authorizes the user". If I understand your case, you would like to authenticate user against Twitter, Facebook or Google using OAuth... Yes you can do it but this article doesn't cover your case. Please sign in to reply. Reply as... Cancel
Igor Beslic Sameer Naik 8 Years Ago - Edited Hi Sameer, given example is quite confusing since we have 2 Liferay portals. If LCP belongs to Company1 and LSP to Company2 it is more likely that user databases will differ, and User credentials used to login to LCP are not same as those used for LSP. However if LCP and LSP belong to same company, and User databases are synced via LDAP than yes, those are same users.OAuth is not used to login, I see it more likely as a way to authorise 3rd party device/machine/site to access particular resources without storing your credentials (user name/pass) at 3rd party device/machine/site.Hope this helps? Please sign in to reply. Reply as... Cancel Sharavan Maripelli Igor Beslic 8 Years Ago Hi Igor,We are planning to configure the third-party Authentication provider to handshake with the Liferay Portlet. Did we have any suggestions how we can proceed to integrate with the third-party Authentication provider which using OAuth with LiferayDid you have the OAuth Client Portlet code available in git ? Please sign in to reply. Reply as... Cancel Igor Beslic Sharavan Maripelli 8 Years Ago HI Sharavan, this link could help you:https://dev.liferay.com/develop/tutorials/-/knowledge_base/6-2/authorizing-access-to-services-with-oauthComplete AOauth consumer portlet code is available only for customers with subscriptions. Please sign in to reply. Reply as... Cancel divya goyal Igor Beslic 7 Years Ago Need some clarification regarding the below use case: As per my use case the Oauth token provider in the third party application which will be authorizing the user and the user credentials are also not stored in the same database and i need to build the consumer of oauth token on liferay and authorize the user after successfully verifying the token.Can this plugin support this use case for consuming the oauth token and authorizing the user without having the password stored at same database with only having the emailAddress value in the token so that we can identify the user in the system to verify this user exists and on the basis of trust based on token the user can login into Portal and access the application the same way it access the application while directly login into portal.Please suggest, as i am very new to oauth way of accessing the application. Please sign in to reply. Reply as... Cancel Igor Beslic divya goyal 7 Years Ago - Edited Hi Divya, this article gives you guidelines how to develop portlet whose requests to access remote resources are authorized via OAuth. In this example Liferay OAuth Provider plugin is what you call "third party application which authorizes the user". If I understand your case, you would like to authenticate user against Twitter, Facebook or Google using OAuth... Yes you can do it but this article doesn't cover your case. Please sign in to reply. Reply as... Cancel
Sharavan Maripelli Igor Beslic 8 Years Ago Hi Igor,We are planning to configure the third-party Authentication provider to handshake with the Liferay Portlet. Did we have any suggestions how we can proceed to integrate with the third-party Authentication provider which using OAuth with LiferayDid you have the OAuth Client Portlet code available in git ? Please sign in to reply. Reply as... Cancel Igor Beslic Sharavan Maripelli 8 Years Ago HI Sharavan, this link could help you:https://dev.liferay.com/develop/tutorials/-/knowledge_base/6-2/authorizing-access-to-services-with-oauthComplete AOauth consumer portlet code is available only for customers with subscriptions. Please sign in to reply. Reply as... Cancel
Igor Beslic Sharavan Maripelli 8 Years Ago HI Sharavan, this link could help you:https://dev.liferay.com/develop/tutorials/-/knowledge_base/6-2/authorizing-access-to-services-with-oauthComplete AOauth consumer portlet code is available only for customers with subscriptions. Please sign in to reply. Reply as... Cancel
divya goyal Igor Beslic 7 Years Ago Need some clarification regarding the below use case: As per my use case the Oauth token provider in the third party application which will be authorizing the user and the user credentials are also not stored in the same database and i need to build the consumer of oauth token on liferay and authorize the user after successfully verifying the token.Can this plugin support this use case for consuming the oauth token and authorizing the user without having the password stored at same database with only having the emailAddress value in the token so that we can identify the user in the system to verify this user exists and on the basis of trust based on token the user can login into Portal and access the application the same way it access the application while directly login into portal.Please suggest, as i am very new to oauth way of accessing the application. Please sign in to reply. Reply as... Cancel Igor Beslic divya goyal 7 Years Ago - Edited Hi Divya, this article gives you guidelines how to develop portlet whose requests to access remote resources are authorized via OAuth. In this example Liferay OAuth Provider plugin is what you call "third party application which authorizes the user". If I understand your case, you would like to authenticate user against Twitter, Facebook or Google using OAuth... Yes you can do it but this article doesn't cover your case. Please sign in to reply. Reply as... Cancel
Igor Beslic divya goyal 7 Years Ago - Edited Hi Divya, this article gives you guidelines how to develop portlet whose requests to access remote resources are authorized via OAuth. In this example Liferay OAuth Provider plugin is what you call "third party application which authorizes the user". If I understand your case, you would like to authenticate user against Twitter, Facebook or Google using OAuth... Yes you can do it but this article doesn't cover your case. Please sign in to reply. Reply as... Cancel
Kalpesh Sangani 6 Years Ago how can we get logged in user details after successfully user authentication by token like screenname and userid ? Please sign in to reply. Reply as... Cancel Igor Beslic Kalpesh Sangani 6 Years Ago Hi Kalpesh, OAuth is designed so that Consumer APP never needs user details to perform actions on user's behalf. If you really need user name you can/should either use remote call to a service that will serve current user details (for example extend UserServiceImpl) or make your application to ask user to provide some details. Summary: OAuth spec doesn't require implementation to reveal user's human-friendly identity to Consumer APP. Please sign in to reply. Reply as... Cancel
Igor Beslic Kalpesh Sangani 6 Years Ago Hi Kalpesh, OAuth is designed so that Consumer APP never needs user details to perform actions on user's behalf. If you really need user name you can/should either use remote call to a service that will serve current user details (for example extend UserServiceImpl) or make your application to ask user to provide some details. Summary: OAuth spec doesn't require implementation to reveal user's human-friendly identity to Consumer APP. Please sign in to reply. Reply as... Cancel