
Integrating Liferay 6.0 With SSO+LDAP

Table of Contents
Integrating Liferay 6.0 With OpenSSO/OpenAM+LDAP
1 Introduction
2 Prerequisites
3 Steps Required for
3.1 Installing Liferay Portal
3.2 Installing OpenDJ LDAP Server
3.3 Installing OpenSSO/OpenAM
3.3.1 Installation of the Tomcat server consisted of
3.3.2 Installation of OpenAM consisted of
3.3.3 Additional OpenAM Configuration
3.4 Enabling LDAP Authentication
3.5 Integrating Liferay Portal with OpenAM and Enabling LDAP
3.5.1 Enabling LDAP
4 Reference

1 Introduction
This guide walks you through the steps to implement the Single Sign On feature with Liferay Portal
v6.0. This document is intended for test driving Single Sign On (SSO) using JBOSS as the target
platform on which Liferay Portal runs.

2 Prerequisites
To make a quick SSO setup we will need:

1. Liferay-portal-6.0.6, bundled with JBOSS v5.1.0, including SSO.war.
2. OpenDJ Release 2.4.0 (LDAP v3 database)
   http://www.forgerock.org/opendj.html
3. JDK 1.6.0_25

You can also find the above prerequisites here: \\172.16.50.152\Samvahak\SSO

Liferay Portal and SSO both require a minimum 1.5 JVM, but we would recommend using Java 6 (as
Java 1.5 reached its End of Service Life in October, 2009). Make sure that your JAVA_HOME and
JBOSS_HOME environment variables are correctly set, with JAVA_HOME pointing to your Java 6 installation.

3 Steps Required for


3.1 Installing Liferay Portal
For the installation steps for Liferay Portal 6.0 bundled with JBOSS 5.1.0, refer to the link below.

\\172.16.50.152\Samvahak\SSO\Document\Installation Steps.pdf

3.2 Installing OpenDJ LDAP Server


OpenDJ is a new LDAPv3 compliant directory service, developed for the Java platform, providing a
high performance, highly available and secure store for the identities.

Please follow the steps in "Installing OpenDJ Directory Server on Microsoft Windows"
in the document linked below to install OpenDJ:

\\172.16.50.152\Samvahak\SSO\Document\OpenDJ-2.4.0_Installation_Steps.pdf
3.3 Installing Single Sign On (SSO)
As SSO also requires a servlet container, we can use JBOSS (5.1.0).

3.3.1 Installation of the JBOSS server for running SSO

1. Unzip liferay-portal-6.0.6.7z, if not unzipped already.
2. Modify the Liferay run.bat (in $JBOSS_HOME/bin) and add the following to the JAVA_OPTS variable:
   -Dcom.iplanet.am.cookie.encode=true
3. Open a command prompt and start Liferay:
   cd $JBOSS_HOME/bin
   run.bat
4. Open a browser to http://localhost:10000/sso, which should redirect you to
   http://localhost:10000/sso/config/options.htm, to complete the SSO configuration.
5. You should see the SSO configuration options page. Under Custom Configuration, click
   Create New Configuration. Enter the following:
   Default User Password — password
   Server Settings — the default entries are OK. Cookie Domain should be set to the Full Computer
   Name prefixed by . (dot).
   Configuration Data Store Settings — select First Instance, select SSO as Configuration
   Data Store, leave the other entries.
   User Data Store Settings — select Open DS, and fill in the entries as
   listed below.
      Directory Name: localhost
      Port: 1389 (or 389)
      Root Suffix: dc=rolta,dc=samvahak
      Login Id: cn=Directory Manager
      Password: password (it should be the same as the OpenDJ LDAP password)
   Site Configuration — select No
   Default Policy Agent User — policy01
   Configurator Summary Details – click Create Configuration. This will create the
   configuration for your SSO server under ~/sso (:\Documents and Settings\{username}\sso).
6. When this completes, in the Configuration Complete dialog, click Proceed to Login, which
   should now redirect you to http://localhost:10000/sso/UI/Login.
7. Type amAdmin as the username, password as the password, and click Log In. You should
   now see the SSO Console.
Note:-
In SSO you should always log in as amAdmin, which is the SSO admin user.
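
The check below is an added example, not part of the original guide: it applies the RFC 6265 domain-match rule to the Cookie Domain from step 5 and reports which URLs a browser would not return the SSO cookie to. The function names, the host name portal01.example.test and the address 192.0.2.10 are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit


def cookie_sent_to(cookie_domain: str, url: str) -> bool:
    """RFC 6265 domain-match: would a browser accept and return a cookie
    with this Domain attribute for the host in `url`?"""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    domain = cookie_domain.lower().lstrip(".")  # a leading dot is ignored
    if not host or not domain:
        return False
    if host == domain:
        return True
    try:
        ipaddress.ip_address(host)
        return False  # IP-address hosts never match by suffix
    except ValueError:
        pass
    # Suffix match only on a label boundary: "badexample.test" must not
    # match the domain "example.test".
    return host.endswith("." + domain)


def preflight(cookie_domain: str, urls: dict) -> list:
    """Return findings for the Cookie Domain chosen in step 5."""
    findings = []
    if not cookie_domain.startswith("."):
        findings.append("Cookie Domain is not prefixed by a dot")
    for name, url in urls.items():
        if not cookie_sent_to(cookie_domain, url):
            findings.append(f"{name}: {url} is outside {cookie_domain}")
    return findings


# Constructed sample values: portal01.example.test stands in for the
# Full Computer Name; the port is the one used in this guide.
SAMPLE_DOMAIN = ".portal01.example.test"
SAMPLE_URLS = {
    "sso-by-localhost": "http://localhost:10000/sso",
    "sso-by-fqdn": "http://portal01.example.test:10000/sso",
    "sso-by-ip": "http://192.0.2.10:10000/sso",
}

if __name__ == "__main__":
    for finding in preflight(SAMPLE_DOMAIN, SAMPLE_URLS):
        print("WARN", finding)
```

A URL listed in the findings is one where the browser discards the SSO cookie instead of storing it, so the session set at login is never presented on the next request.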

3.3.2 Additional SSO Configuration

In order to get SSO to work correctly with Liferay, you need to set Encode Cookie Value to Yes.
This will prevent infinite redirection between Liferay and SSO on login.
1. In the SSO Console, select the Configuration tab.
2. Select the Servers and Sites tab.
3. Click Default Server Settings.
4. Select the Security tab.
5. In the Cookie section, select the Yes check-box beside Encode Cookie Value, as shown below.
6. Click Save.

Also set the com.iplanet.am.cookie.c66Encode property to true, to resolve the infinite
redirection problem:
1. In the SSO Console, select the Configuration tab.
2. Select the Servers and Sites tab.
3. Click Default Server Settings.
4. Select the Advanced tab.
5. Find the com.iplanet.am.cookie.c66Encode property, and set the value to true as shown
below.
6. Click Save.

Before updating Liferay to use SSO, please add the default Liferay user, [email protected], to SSO.
1. In the SSO Console, select the Access Control tab.
2. Click the / (Top Level Realm) realm.
3. Select the Subjects tab.
4. Click New…
5. Setup the default Liferay user:
• ID — test, in our customized Liferay)
• First Name — Test, in our customized Liferay)
• Last Name — Test, in our customized Liferay)
• Full Name — test, in our customized Liferay)
• Password — password
• Click OK to create the user.

6. Click test to add the email address. Enter [email protected] for the Email Address, and click
Save.
Similarly, add the SSO admin user, amAdmin, in LDAP.

3.4 Enabling LDAP Authentication in SSO

For the steps to enable LDAP authentication in SSO, refer to the link below.

\\172.16.50.152\Samvahak\SSO\Document\Enabling LDAP authentication in SSO.pdf

3.5 Integrating Liferay Portal with SSO and Enabling LDAP


For the steps to integrate Liferay Portal with SSO and enable LDAP, refer to the link below.

\\172.16.50.152\Samvahak\SSO\Document\Integrating Liferay Portal with SSO and Enabling LDAP.pdf

4 Reference
http://www.objectpartners.com/2010/08/16/integrating-sso-openam-with-liferay-portal-on-tomcat/

https://wikis.forgerock.org/confluence/display/openam/integrate+OpenAM+with+Liferay

To Enable LDAP Authentication:


http://download.oracle.com/docs/cd/E19316-01/820-4729/gjdcv/index.html
