We respect your privacy

We used cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. What For?

Accept Reject
« Back to Blogs

Use secure channel(https) after login in liferay portal

5/14/16 11:56 AM

If you want to configure liferay portal in a way that the credentials supplied (especially during the login process) are always encrypted (by using HTTPS) but still it is possible to browse the public content by HTTP for guest users.

 

Goal of this blog is to provide following functionalities :

  • Liferay portal runs on both HTTP and HTTPs protocol

  • Guest user can access liferay portal on HTTP protocol

  • As soon as user tries to login, he/she immediately redirected to HTTPs url.

  • After login, user access the portal on HTTPs protocol so that data being encrypted on further process

  • After logout, user access liferay portal on HTTP protocol


We can achieve above functionalities by putting a few properties in portal-ext.properties file and configuring virtual host in apache web server.

In our example, lets assume we will access our site with www.example.com

 
Step-1 : Add Properties
 
Add following properties in portal-ext.properties :

 

# Set this For Front ending Apache with Liferay

web.server.http.port=80

web.server.host=www.example.com

 

# Added SSL

company.security.auth.requires.https=true

web.server.protocol=https

web.server.https.port=443

default.logout.page.path = http://www.example.com

 

Restart the server.

 
Step-2 : Generate Certificate and key
 

Now you need to generate SSL certificate, key and add certificate to JVM of your system.

Please refer following blog for above. Make sure you generate key and certificate under directory ‘ /etc/apache2/ssl/’.

http://www.surekhatech.com/blog/liferay-sso-integration

 
Step-3 : Apache configuration
 
First enable following modes :
 

sudo a2enmod ssl

sudo a2enmod proxy_http

sudo a2enmod proxy_ajp

sudo a2enmod headers

 

Now configure apache virtual host as following :

 

<VirtualHost *:80>

 

   ServerName www.example.com

   ServerAdmin [email protected]

   ServerAlias www.example.com

   

   LogLevel warn

   ErrorLog /var/log/apache2/example.error.log

   CustomLog /var/log/apache2/example.access.log combined

 

   <Proxy *>

       AddDefaultCharset Off

       Order deny,allow

       Allow from all

   </Proxy>

 

   ProxyPass / ajp://localhost:8009/

   ProxyPassReverse / ajp://localhost:8009/

 

</VirtualHost>

 

<VirtualHost *:443>

 

   ServerName www.example.com

   ServerAdmin [email protected]

   ServerAlias www.example.com

 

   Header set Access-Control-Allow-Origin "*"

 

   LogLevel warn

   ErrorLog /var/log/apache2/example.ssl.error.log

   CustomLog /var/log/apache2/example.ssl.access.log combined

 

   SSLEngine on

   SSLProxyEngine on

   SSLCertificateFile   /etc/apache2/ssl/example.crt

   SSLCertificateKeyFile /etc/apache2/ssl/example.key

 

   ProxyRequests On

   ProxyVia On

   ProxyPreserveHost On

 

   ProxyPass / ajp://localhost:8009/

   ProxyPassReverse / ajp://localhost:8009/


</VirtualHost>

 

Now you should be able to view the portal on https://www.example.com and on http://www.example.com but if you try to login on a http URL you will be immediately redirected to the https://www.example.com and stay there for the whole session.


For more implementation details or support you may contact us at [email protected].

For professional paid support, you may contact us at [email protected] .

19612 Views
liferay 6.2 ssl https secure channel
Average (0 Votes)
The average rating is 0.0 stars out of 5.

Related Blogs

contact-us Request a callback WhatsApp