This discussion is archived
4 Replies Latest reply: Nov 14, 2012 12:09 PM by YueZ-Oracle RSS

com.liferay.portal.servlet.filters.autologin.AutoLoginFilter=true

YueZ-Oracle Newbie
Currently Being Moderated
I have this line in portal-ext.properties. However, the AutoLogin hook was not invoked each time. Any idea?

Thanks!
  • 1. Re: com.liferay.portal.servlet.filters.autologin.AutoLoginFilter=true
    920261 Explorer
    Currently Being Moderated
    I'm not familiar with the com.liferay.portal.servlet.filters.autologin.AutoLoginFilter property. When I setup an auto login action, I just configured the following properties in portal-ext.properties:

         auto.login.hooks=com.endeca.portal.security.auth.MyAutoLogin
         logout.events.post= com.endeca.portal.action.MyLogoutAction

    Dave
  • 2. Re: com.liferay.portal.servlet.filters.autologin.AutoLoginFilter=true
    YueZ-Oracle Newbie
    Currently Being Moderated
    It seems the AutoLogin hook is invoked only for unauthenticated user. Is there way to make it be invoked for every request?
  • 3. Re: com.liferay.portal.servlet.filters.autologin.AutoLoginFilter=true
    920261 Explorer
    Currently Being Moderated
    Well, in this post (http://www.liferay.com/community/forums/-/message_boards/message/7043335), a Liferay staffer writes:

    "...if what you're trying to do is unauthenticate/reauthenticate users with every request, I would recommend writing a servlet filter rather than use the auto login hook mechanism (only possible in an ext plugin)."

    I don't know too much about implementing servlet filters, but I can guess some things by looking at the AutoLoginFilter;

    - The AutoLoginFilter class extends BasePortalFilter, which I think enables the ability to toggle on and off filters with the com.liferay.portal.servlet.filters.autologin.AutoLoginFilter=true like you've tried.
    - The AutoLoginFilter is configured in <tomcat-dir>/webapps/ROOT/WEB-INF/web.xml (assuming you're using the tomcat bundle)

    I'd guess that you have two options:

    1) Create your own servlet filter, package it in a jar, drop it in <tomcat-dir>/webapps/ROOT/WEB-INF/lib, enable it in portal-ext.properties, configure it in web.xml
    2) Create a modified version of AutoLoginFilter.class, package it in a jar, drop it in the lib folder, and see if it overrides the one that is in portal-impl.jar. I'm not sure if it will or not. I've not tried this before.

    Either way, I'd guess you could copy the logic from AutoLoginFilter.java (source available from liferay.com) and remove the conditional "if ((remoteUser == null) && (jUserName == null))".

    It sounds like there's an official way to create a servlet filter hook using Liferay's ext SDK, but I'm afraid I'm not sure whether or not this is possible in EID Studio. The Components SDK that is available from Oracle has an option that I've never tried in components/hooks. You might try creating one of those. Sorry I don't have more knowledge on this.
  • 4. Re: com.liferay.portal.servlet.filters.autologin.AutoLoginFilter=true
    YueZ-Oracle Newbie
    Currently Being Moderated
    I tried the customized auotloginfilter and it works. Thanks!

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points