Liferay

Thanks to Sebastien BAHLOUL for this documentation.

Presentation

Liferay is an entreprise portal.

Liferay can use LemonLDAP::NG as an SSO provider but you have to manage how users are created: Of course, intergation will be full if you use the LDAP directory as user backend for LemonLDAP::NG and Liferay.

Warning: if the user is not created, or can not be created via LDAP import, the connection to Liferay will be refused. With LDAP, login, mail, first name and last name are required attributes. If one is missing, the user is not created.

This documentation just explains how to set up the SSO part. Please refer to Liferay documentation to enable LDAP provisionning.

Integration with LemonLDAP::NG

Liferay configuration

Access to Liferay (first time):

liferay_1.png

Login as administrator:

liferay_2.png

Go to My Account:

liferay_3.png

Go to Portal > Settings:

liferay_4.png

Go to Configuration > Authentication:

liferay_5.png

In "General", fill at least the following information: We advice to deactivate other options, cause users will use LemonLDAP::NG portal to modify or reset their password.

liferay_6.png

Then use the SiteMinder tab to configure SSO: liferay_7.png

Do not forget to save your changes!

LemonLDAP::NG configuration

Just add a virtualhost inside Manager: And configure this virtualhost in Apache:
<VirtualHost *>
        ServerName liferay.example.com
        ServerSignature Off

PerlHeaderParserHandler My::Package

<Proxy *> Order deny,allow Allow from all </Proxy>

ProxyPreserveHost On ProxyPass / http://liferayIP:8080/ ProxyPassReverse / http://liferayIP:8080/

LogLevel warn ErrorLog /var/log/httpd/liferay-error.log CustomLog /var/log/httpd/liferay-access.log combined </VirtualHost>