<ahref="http://www.liferay.com/"class="urlextern"title="http://www.liferay.com/"rel="nofollow">Liferay</a> is an enterprise portal.
</p>
<p>
Liferay can use <abbrtitle="LemonLDAP::NG">LL::NG</abbr> as an <abbrtitle="Single Sign On">SSO</abbr> provider but you have to manage how users are created:
</p>
<ul>
<liclass="level1"><divclass="li"> By hand in Liferay administration screens</div>
</li>
<liclass="level1"><divclass="li"> Imported from an LDAP directory</div>
</li>
</ul>
<p>
Of course, integration will be full if you use the LDAP directory as users backend for <abbrtitle="LemonLDAP::NG">LL::NG</abbr> and Liferay.
</p>
<divclass="noteimportant">If the user is not created, or can not be created via LDAP import, the connection to Liferay will be refused. With LDAP, login, mail, first name and last name are required attributes. If one is missing, the user is not created.
</div>
<p>
This documentation just explains how to set up the <abbrtitle="Single Sign On">SSO</abbr> part. Please refer to Liferay documentation to enable LDAP provisionning.
In <code>General</code>, fill at least the following information:
</p>
<ul>
<liclass="level1"><divclass="li"><strong>How do users authenticate?</strong>: by login</div>
</li>
</ul>
<divclass="notetip">We advice to deactivate other options, cause users will use <abbrtitle="LemonLDAP::NG">LL::NG</abbr> portal to modify or reset their password.
<divclass="noteimportant">You need to activate LDAP authentication, else <abbrtitle="Single Sign On">SSO</abbr> authentication will not work. Do this in the control panel or in the configuration file:
<preclass="file">ldap.auth.enabled=true</pre>
</div>
<p>
Then use the <code>SiteMinder</code> tab to configure <abbrtitle="Single Sign On">SSO</abbr>:
<liclass="level1"><divclass="li"><strong>Import from LDAP</strong>: Yes (see <ahref="#presentation"title="documentation:2.0:applications:liferay ↵"class="wikilink1">presentation</a>)</div>
Configure Liferay virtual host like other <ahref="../configvhost.html"class="wikilink1"title="documentation:2.0:configvhost">protected virtual host</a>.
</p>
<ul>
<liclass="level1"><divclass="li"> For Apache:</div>
<h3class="sectionedit6"id="liferay_virtual_host_in_manager">Liferay virtual host in Manager</h3>
<divclass="level3">
<p>
Go to the Manager and <ahref="../configvhost.html#lemonldapng_configuration"class="wikilink1"title="documentation:2.0:configvhost">create a new virtual host</a> for Liferay.
</p>
<p>
Just configure the <ahref="../writingrulesand_headers.html#rules"class="wikilink1"title="documentation:2.0:writingrulesand_headers">access rules</a>. You can add a rule for logout:
Configure the <code>Auth-User</code><ahref="../writingrulesand_headers.html#headers"class="wikilink1"title="documentation:2.0:writingrulesand_headers">header</a>.
</p>
</div>
<!-- EDIT6 SECTION "Liferay virtual host in Manager" [3262-] --></div>