Android Archives -

Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature

Problem statement:

In this particular Scenario in the existing application the SSO was implemented using Microsoft OIDC Provider with Liferay DXP. At the time of login the ‘Microsoft OIDC provider’ generated a Bearer Token which was the identifier for the authenticated user .

This Bearer token was needed for all the further API calls to the API Gateway (which in turn called the external data source) . The API gateway used the Bearer Token to further validate the users identity and once validated it Processed the appropriate API response to the API call request .Hence we need to make it available throughout . We were not allowed to save the Token in Sessions because of security reasons.

Swim-lane diagram showing the OpenID Connect protocol's sign-in flow.

Reference : https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc

Conditions:

Bearer Token is Unique to every login .

Bearer Token is only available while OIDC call while login

Bearer Token should be available for the whole logged in period

Solution:

We planned to extract the Bearer token at the Login time Once at the while SSO event .
To do so we used Liferay Post Login Action Feature to catch the event .
We Extracted the TOKEN using logic local to the application .
We decided to use Expendo Table feature and stored in KEY – VALUE where USERID was KEY and TOKEN was VALUE
This KEY – VALUE was UNIQUE to each user and each login .

Following is the Example Code snippet for the same.

package com.login.event.post;
import com.liferay.expando.kernel.model.ExpandoTableConstants;
import com.liferay.expando.kernel.service.ExpandoValueLocalServiceUtil;
import com.liferay.portal.kernel.events.ActionException;
import com.liferay.portal.kernel.exception.PortalException; 
import com.liferay.portal.kernel.model.User; 
import com.liferay.portal.kernel.service.UserLocalServiceUtil;
import com.liferay.portal.kernel.events.LifecycleAction;
import com.liferay.portal.kernel.events.LifecycleEvent;
import org.osgi.service.component.annotations.Component;
/**
 * 
 * --------Author Details---------
 * Name:    YoungIT Consulting Services GmbH
 * Email:   [email protected]
 * Address: Fleethörn 7, 24103 Kiel, Germany
 * Phone:   +491514 5682025
 * --------Author Details---------
 * 
 */
@Component
(
immediate = true,
property = { "key=login.events.post" },
service = LifecycleAction.class
)
public class LoginPostAction implements LifecycleAction {
    @Override
    public void processLifecycleEvent(LifecycleEvent lifecycleEvent) throws ActionException {
        long userId = Long.parseLong(lifecycleEvent.getRequest().getUserPrincipal().toString());
        User user;
        try {
            user = UserLocalServiceUtil.getUser(userId);
            ExpandoValueLocalServiceUtil.addValue(user.getCompanyId(), User.class.getName(), ExpandoTableConstants.DEFAULT_TABLE_NAME,
                    "bearerToken", user.getPrimaryKey(), "==UPDATE_TOKEN_HERE==");
        } catch (PortalException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        System.out.println("login.event.pre=" + lifecycleEvent);
    }

Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature Read More »

Moduler Approach in Liferay DXP

Android, Mobile / YoungIT

1) How moduler approach in Liferay helps creating customized solutions.

2) Liferay can be better explained as set of cubes where each cube is a different feature .

3) Customizing the vanilla (Default) Liferay Bundle by simply ADDING or REMOVING these cubes (Features).

4) Enabling/ disabling Multiple (OOB) security features as per customers need .( Example – Enabling SSO with NTLM, CAS, SiteMinder, OpenSSO, OpenID, Facebook)

5) Scaling the solution as per expected number of enduser (can be achieved using features like autoscaling in LIferay DXP Cloud ).

Link – https://lnkd.in/eWZHmtgc
#architect #security #cloud #Liferay #liferaydxp
#digital #experience #liferayExperienceCloud #architecture #design

Moduler Approach in Liferay DXP Read More »

How a customer can choose a best fit CMS for himself

Android, Joomla, Liferay / YoungIT

Many consumers find it difficult to select the best content management system (CMS). With so many alternatives on the market, determining which CMS will be the best fit for your business can be difficult. We’ll look at some important considerations to consider while selecting a CMS.

Determine your requirements.

The first step in selecting a CMS is to establish your needs. What are your objectives and ambitions for the website or digital experience you wish to build? What are the most important features and functionalities you require? Defining your requirements can assist you in narrowing your alternatives and selecting a CMS that suits your specific requirements.

Consider your financial situation.

Another key element to consider while selecting a CMS is your budget. Because different CMSs have different price schemes, it’s critical to understand the costs associated. Some CMSs may have substantial upfront expenses, while others may have continuing subscription prices. Make sure you account for all expenditures, such as licencing, hosting, and development.

Consider the ease of use.

The ease of use is critical, especially if you are not a developer or technical specialist. Look for a CMS with an easy-to-use UI and intuitive features. Without knowing how to code, you should be able to simply develop and publish content, manage your website’s look, and customise its functions.

Consider scalability.

Your CMS requirements may alter as your website expands and your business advances. Look for a CMS that can grow with your company and meet your changing needs over time. This includes being able to manage growing traffic, adding new features, and integrating with other systems as needed.

Examine security

When selecting a CMS, security should be a top priority. Look for a CMS with strong security features such as user authentication, data encryption, and vulnerability scanning. Make sure the CMS is updated on a regular basis to resolve any security vulnerabilities or concerns.

Consider your options for assistance and resources.

Finally, examine the level of support and resources provided by the CMS you select. Look for a CMS with an active user and development community, as well as extensive documentation, tutorials, and support options. Ascertain that you have access to the resources required to get the most out of your CMS.

How a customer can choose a best fit CMS for himself Read More »

Features and Benefits Of Liferay DXP 7.4

Android, Business portal, Ios, Uncategorized / YoungIT

Liferay DXP 7.4 is a feature-rich and robust digital experience platform that gives enterprises a wide range of tools and capabilities for creating and managing digital experiences across numerous channels. Liferay DXP 7.4 has a number of features and benefits that make it a popular choice for organizations trying to optimize their digital processes and give a seamless and engaging user experience to their clients.

The following are some of the important features and advantages of using Liferay DXP 7.4:

Management of Multi-Channel Experience

Liferay DXP 7.4 enables businesses to design and manage digital experiences across many channels such as online, mobile, and social media. This feature ensures that businesses can contact their clients no matter where they are by providing a consistent experience across all channels.

Targeting and personalization

Liferay DXP 7.4 includes extensive personalization and targeting features that enable organizations to create personalized experiences for their consumers based on their interests, behaviors, and history. This feature assists organizations in increasing client involvement and building stronger relationships.

Content Management

Liferay DXP 7.4 has a powerful content management system (CMS) that allows organizations to develop, manage, and publish content across different channels. This feature offers support for multi-language content, processes, versioning, and more.

Collaboration and Social Networking

Liferay DXP 7.4 includes a number of collaboration and social networking capabilities that help organizations connect with their consumers and workers. This feature offers support for blogs, wikis, forums, and social networking tools, allowing businesses to create a community around their brand.

Enterprise Integration.

Liferay DXP 7.4 includes a number of enterprise integration capabilities that allow enterprises to link their digital experience platform to their existing IT infrastructure. This functionality supports RESTful APIs, web services, and other integration protocols, allowing organizations to leverage their existing technology investments.

Compliance and security

Liferay DXP 7.4 includes enhanced security and compliance tools to help businesses protect their digital assets while also meeting regulatory standards. This feature offers support for single sign-on (SSO), secure data storage, and other security procedures, allowing businesses to keep their customers’ data private and secure.

Features and Benefits Of Liferay DXP 7.4 Read More »