Liferay CAS Integration Part-1

CAS Introduction:

CAS is service which provides Central Authentication. We can authenticate users who are belongs to many application from CAS. We deploy CAS in application server we can use this CAS server for all our applications to do authentication.CAS is best solution for Single Sign On and Single Sign Out.

If we have multiple web applications then we need not provides authentication in each application instead of that we use CAS to authenticate users and user may belongs to any application.

To do so we need to create multiple data sources for CAS so that CAS can authenticate against configured data sources.

We can configure different kind of data sources to CAS like JDBC data source which connect to relational data bases and LDAP data sources which can connect to LDAP servers. Apart from LDAP and JDBC CAS can support many.

We already know CAS is service and we will have client to consume or use service. So that CAS is providing different types of clients to support cross platform application.CAS providing many clients to support in many applications.

How CAS is working?

CAS is ticket based service. Which is working based on tickets and its validation.

 Initially when user send his/her credentials to CAS for authentication it will provide TGT (Ticket Granting Ticket) when user find in data source or we can say after successful authentication by CAS.

 Once we get TGT we will pass TGD and Service URL to CAS then it will give Service Ticket and redirecting to URL which we provided as service URL and service ticket stored in Cookies.

When we redirecting to Service URL/Client Application then client will obtain the service and it will send service ticket and client application URL to CAS to validate on behalf of application URL.

If the validation successful then it will return user principles (username/password) then client application create session for user in applications.

In the application we will use CAS client library for obtain service tickets and validate the tickets on behalf of client application URL/service URL.

Note:

Service URL is nothing but current client application URL for which we are using CAS service.

Generally we use CAS login URL with username user password and service URL to get service ticket

How does liferay support CAS?

Liferay already have CAS client inbuilt so that we need pass CAS service information so that we can enable CAS service in liferay. These are just administration configuration in liferay once we ready with CAS server.

What is SSO?

SSO is Single Sign On service means if we have multiple applications we need not to provide user credentials in each application instead of that we will authenticate the user with CAS and we will use CAS tickets to login into other application here user don’t need enter credentials for each application login.

Note:

To implement CAS SSO we need to use https protocol. SSO need secure protocol. Https use Secure Socket layer mechanism to send data from server to client.

How SSL is working?

To enable SSL to server we need to create SSL certificates and add those cerficates in Server JRE environment. Generally all certificates available in jre\lib\security directory.SSL certificate having public and private keys along with one of encryption algorithm like RSA, SHA

In real environment we need to purchase these SSL certificates from vendors they will give us SSL certificates.

For our Development environment we will create self signed SSL certificates using java key tool or other tools like open SSL tools.

How does https work?

When we are using HTTPS protocol then data transfer from server to client encrypted by SSL certificates with help of public key, private key and encryption algorithm.

When the scenario like CAS server and Client Application reside in two different machines or two different servers which are using different JRE then we need to share same certificate with tow servers JRE. Otherwise we will get encryption decryption problems i.e. SSL hand shaking problem (PKIX exception).

When data comes from one server to other server then we need use same public key, private key and same algorithm required to decrypt or encrypt the data that is why we need to share same SSL certificate with tow server environments.

Now we will have enough information about CAS. Now we are using in liferay. We already know CAS is service and liferay is client to use CAS service. Liferay already have CAS client support.

The following are the required steps to integrate CAS in Liferay.

1. Create CAS server with JDBC support
2. Create SSL certificate using java key tool
3. Add SSL certificate to Server JRE
4. Configure CAS server information In Liferay

Author

Meera Prince

Read More

Liferay Environment Challenges and Solutions with Eclipse

Liferay Environment Challenges and Solutions with Eclipse

• ECJ is not installed Error when deploy the portlet from eclipse
• PermGen Space Error / Out of Memory Error

ECJ is not installed Error when deploy portlet in eclipse

Solution: 1

Generally in liferay to compile and build the application it uses ECJ jar. When we use following properties in build.properits file of Liferay Plugins SDK

#javac.compiler=modern    javac.compiler=org.eclipse.jdt.core.JDTCompilerAdapter

When we use JDT compiler in eclipse then It will expect ecj.jar should be available in global ant runtime path.

So we need to add ecj.jar file to ANT global class path as follows

Go to eclipse windows preferences

Select ANT run time as follows

Now add jar file to ant global class path. Select external jar file button then brows ecj.jar file

Note:

ecj.jar file available in Plugins SDK lib directory (liferay-plugins-sdk-6.2.0/lib)

Solution: 2

Now we can also skip this error by using java compiler to modern.

We already know we have created SystemUserName.build.properties to override properties in Plugins SDK build.properties file.

We just uncomment JDT compiler and enable java complier to modern in SystemUserName.build.propertis file of your Plugins SDK.

Do as follows in properties file

javac.compiler=modern    #javac.compiler=org.eclipse.jdt.core.JDTCompilerAdapter

PermGen Space Error / Out of Memory Error

When we run liferay we need to set heap memory for JVM that is used by liferay application server

The following three options witch control the JVM Heap memory so that we need to set this values as JAVA_OPTS.

-Xms -Xmx -XX:MaxPermSize

Set this following values as JAVA_OPTS so that liferay portal can run without PermGen space error or Out of Memory Error

-Xms1024m -Xmx1024m -XX:MaxPermSize=256m

We can set JAVA_OPTS in following ways

1. Set JAVA_OPTS as System Variable
2. Set JAVA_OPTS in Application Server
3. Set JAVA_OPTS to Eclipse Configured Server

Set JAVA_OPTS as System Variable in Windows

When we set JAVA_OPTS as System Environment Variable then all servers uses the same java opts to all servers and applications which are running in the machine

To set JAVA_OPTS in windows operating system we need to go to computer properties and need to choose Advanced System Settings

The following screen shows to select computer properties

Now click on Environment variables

The following screen shows advances system settings

In the system variables section click on new button to create new system environment variables

The following screen shows create system environment variables

Once click on new it will ask variable name and its value and click on OK then JAVA_OPTS will be created as System Environment Variables.

Enter following values

Variable Name:  JAVA_OPTS Variable Value:  -Xms1024m -Xmx1024m -XX:MaxPermSize=256m

Note:

When we set JAVA_OPTS as system variables then all application servers which are running in the machine will use these values.

This variable not only for Liferay portal it can be for any web applications which are running in the server.

This variables setting in windows environment and its same for other OS like Linux but setting of variable is bit different.

Set JAVA_OPTS in Application Server

We can also set JAVA_OPTS values in application serves. For each server there some configuration files we can set server configuration in the file so that it can be read by when server is starting.

When we set the value in server then it can be used by application which is running in the server.

Server configuration file is different with respect to server vendor.

Tomcat Server:

In tomcat we will use setenv.bat/setenv.sh file to configure JAVA_OPTS

Go to tomcat server bin directory and create setenv.bat file for windows environment and setenv.sh for Linux environment.

Once we create the files add JAVA_OPTS in file as follows

In windows setenv.bat as follows

set "JAVA_OPTS=%JAVA_OPTS% -Xmx1024m -XX:MaxPermSize=256m"

In Linux setenv.sh as follows

export JAVA_OPTS="$JAVA_OPTS -Xmx1024m -XX:MaxPermSize=256m"

In tomcat server we can also use CATALINA_OPTS instead of JAVA_OPTS. This is only for tomcat server

In windows setenv.bat as follows

set " CATALINA_OPTS =% CATALINA_OPTS % -Xmx1024m -XX:MaxPermSize=256m"

In Linux setenv.sh as follows

export CATALINA_OPTS ="$ CATALINA_OPTS -Xmx1024m -XX:MaxPermSize=256m"

Note:

In liferay tomcat server setenv.bat/setenv.sh and configuration already have done. If any problem occurred we just need adjust the values in configuration.

This configuration not only for liferay environment we can use for any web applications which are in running in server.

JBOSS Server

Jboss in windows

Jboss server in windows OS we will use standalone.conf.bat this file available in jboss server bin directory (jboss-7.1.1\bin).

Open jboss standalone.conf.bat and set JAVA_OPTS as follows

set "JAVA_OPTS=%JAVA_OPTS% -Dfile.encoding=UTF-8 -Djava.net.preferIPv4Stack=true -Duser.timezone=GMT -Xmx1024m -XX:MaxPermSize=256m"

Jboss in Linux

Jboss server in Linux we will use standalone.conf this file available in jboss server bin directory(jboss-7.1.1\bin).

Open jboss standalone.conf and set JAVA_OPTS as follows

JAVA_OPTS="$JAVA_OPTS -Dfile.encoding=UTF-8 -Djava.net.preferIPv4Stack=true -Duser.timezone=GMT -Xmx1024m -XX:MaxPermSize=256m"

Note:

In liferay jboss bundle all configurations already done and when we get any problems then we just need to adjust values.

These configuration can use for any web application not only for liferay.

Set JAVA_OPTS to Eclipse Configured Server

Generally we configure application servers to eclipse. We can also configure the values through eclipse.

In ellipse go to servers view and double click on server and then click open launch configuration

Once opened configuration winnow select arguments tab and see the VM arguments

Now you can see memory related variables and you can adjust the size of variables

 Related Articles:

http://www.liferaysavvy.com/2012/09/setting-environment-variables-and.html

Author

Meera Prince

Read More

Liferay Portal Development Introduction

Liferay is open source portal which follow JSR 168 and JSR 286 standards.

Liferay development can be achieved from Plugins SDK it is Standard Development Kit for liferay portal.

Liferay Portal already has more components apart form that if we want add anything to existed liferay portal we need to develop Plugins.

To develop Plugins liferay have given Standard Development Kit i.e. called Plugins SDK.

Liferay Portal can categorize into following  parts.

• Portal Kernel
• Portal Implementation
• Portal Services

Portal Kernel:

Portal Kernel is set of java classes and interfaces which is core components of liferay portal. This kernel can available to outside of portal. From this we can add or develop new things to liferay portal, means out of box features we can develop. This kernel inherits from JSR 168 and JSR 286 features.

All classes and interfaces they are packaged in portal-keranl.jar in previous version of liferay, now it is available inside portal-service.jar

Portal Implementation

Portal Implementation is set of Implementation classes which are derived from Liferay kernel specific to liferay portal use. This component designed for liferay portal built in functionality. All these are packaged in portal-impl.jar

Portal Services

Portal services are is database services which interact with liferay database means lportal database. Whenever we want connect to portal database from Plugins we will use this service layer to connect to liferay database.

What is Liferay Portal?

Liferay implemented their own frameworks and component in Portal Implementation layer and database services packaged as portal service layer,  if we combine these two then it will be become Liferay Portal and portal kernel is common.

We can say like follows

Liferay Kernel +Liferay Implementation +Liferay Services=Liferay Portal

To add new components or  to modify exited competent we need liferay support to outside, for this they have given Portal Kernel and Portal services to outside availability means which is available to Plugins.

Liferay packaged Liferay Kernel and Liferay Services in portal-services.jar

What is meaning of outside availability?

It is nothing but make it accessible their jar files to other applications means these jar files available in application servers global class path

In tomcat tomcat/lib/ext this global class path if any jar available in this directory then any liferay plug-in can use this classes and interfaces.

In Jboss  jboss-7.1.1\modules\com\liferay\portal\main

When we look at these directories we can find portal-service.jar file. So we can say this jar can available to any application that is deployed in server.

Note:

These directories we can see only in liferay supported application servers, means we download liferay tomcat bundles or liferay jobs bundles with these servers only we can see above directories.

The following diagram shows portal-service.jar in tomcat/lib/ext

As of now we are talking about component and Plugins

What is Liferay Plugins?

Liferay Plugin is piece software or set of classes which follows the standard defined by liferay.

A plug-in is a component which can change or modify the behavior of liferay portal or it can add new behavior to portal.

We already said liferay is software which consist of many components and feature so that we can use directly.

It is huge web application have many features and can support many integration with other application.

Liferay have exposed entire their web application as ROOT.war. This is completely liferay developed application which can get from any bundles which we download form liferay web site.

ROOT.war can see in server’s deployment directory

In tomcat we can see ROOT.war file in Tomcat/webapp  directory as follows

In JBOSS we can see in deployments directory

Well now liferay is already a huge web application and liferay has exposed their core components in Global class path, so that we can start customize or add new feature to the liferay.

To customize or develop new feature to liferay portal we need Standard Development Kit that is called Plugins SDK.

Note:

Liferay portal is web application which contains java classes, XML files, velocity files, property files and JSP pages.

Plugins SDK consist of 5 main parts

1. Portlet
2. Hook
3. Ext
4. Theme
5. Layout

When we open downloaded Plugins SDK then we can see 5 main plugins.

Plugin Portlet

Portlets are independent component which can add new behavior or new feature to liferay portal.

It is very flexible components we can add or remove very easy without effect the portal or server. We can develop portlet which can use their own database tables or existed tables. Portlet can also connect to other databases or liferay existed database.

As we discussed earlier portlet can use liferay kernel and liferay services.

We have different kinds of portlet like Liferay MVC portlet, Generic Portlet, Struts Portlet, JSF Portlet and Spring Portlet.

By default Liferay have own portlet frame work i.e. called Liferay MVC frame work which have lot of support in liferay.

Out of box to support other frame work liferay provide some bridges from which we can run any portlet like struts, spring and JSF portlet.

Plugins have well appreciated feature is hot deployment components, means when we deploy the portlet, we need not stop server and change can apply immediately.

If we use Liferay MVC portlet it is easy to create and very light weight.

Note:

In liferay development Liferay IDE supports only Liferay MVC portlet and JSF portlet development. If you want use out box portlets you need manually create portlet and need to add required jar files. Liferay has very good support to JSF frame work portlet.

Advantages:

• Plug and play
• Hot deployment feature
• Can support any J2EE MVC frame work in out box.
• Once we developed in liferay we can run in other portals with minimum changes.
• These are very easy to migrate when we upgrade portal from one version to other versions.

Limitations

• From Plug-in portlet we can’t access portal implementation layer and we can’t change the existed behavior of liferay portal.

Hook

In liferay Hooks are special purpose plugin we can change or modify the existed behavior of liferay portal. Hook can customize the portal but some set of limitations.

Hook can modify the some of the things like properties files, jsp, events and portal services.

Hooks can change the existed portal properties so that we can see the change in portal behavior.

We can change existed portlet jsp pages so that we can add or remove some code in JSP pages.

This is also hot deployment like portlet we need not to stop server we can see the changes.

Advantages

• It can change the existed behavior of portal
• It is hot deployment component.
• Portal existed services also we can change
• These are very easy to migrate when we upgrade portal from one version to other versions.

Limitation

• We can’t modify or change the action classes or main core classes in liferay portal.

Ext

Ext is one of the plug-in in liferay portal which have lot of ability can change anything in existed liferay portal.

We can change the portal implementation through ext so that we can change existed behavior in lifery portal.

we can also create new features from ext. these are not hot deployment so every modification we need to stop server and these Ext’s are very tightly coupled component with  liferay portal means which is not much flexible when we add or remove .

Advantages

• It can change any part of liferay portal

Limitations

• These are not hot deployments components
• Very tightly coupled with liferay core portal
• Very tough when we migrate portal from one version to other version

Note:

 In future liferay may avoid ext completely.

Theme

Theme is the one of the plugin to change the look and feel of portal. Means we can change CSS and java script files from theme.

Liferay portal is using velocity template when portal is rendered in web page this velocity file have capability can accommodate dynamic content like JSP pages.

From themes we can create new look and feel to liferay portal and we can add new CSS and new velocity templates.

Themes also hot deployment component we can deploy theme without down or stop server.

Layout

Layout can decide the page design. It can divide the page into some section in that we can arrange the portlet to complete the web page. Layouts also hot deployment components.

The following is example screen for layouts

Important Points

• Liferay have given Plugins SDK to develop liferay applications.
• Liferay plug-in portlets are very flexible and we can migrate very easy when we upgrade portal.
• We need to minimize development of  Ext
• Liferay MVC frame work is very flexible to develop plug-in portlet and Liferay IDE has support to develop these portets.
• Liferay also have rich support to JSF portlet we can use JSF portlet too.
• Whe we use other frame work to develop portlet we need add some liferay bridges to support other frame work in liferay portal.
• All Plugins are hot deployments except ext. So we don’t need to stop server when we deploy the Plugins.

Related Articles

http://www.liferaysavvy.com/2013/12/liferay-62-portal-installation_11.html

http://www.liferaysavvy.com/2013/12/liferay-62-portal-development.html

Author

Meera Prince

Read More