Thursday, November 10, 2011

LifeRay With OpenID

Share it Please

In This article, we will see how we can configure the OpenID server and link that to the LifeRay Portal Server. For this article I have used the Atlassian Crowd Server as OpenID server. This article goes in steps.

1.    What is an OpenID ?
2.    Benefits of OpendID
3.    How Does It Work
4.    Backend Library
5.    Download the Atlassian Crowd OpenID Server.
6.    Configure the Crowd Open ID Server.
7.    Configure LifeRay with the Crowd Open ID Server.
8.    Create a user in Crowd OpenID Server.
9.    Generate OpenID for the User.
10. Login into LifeRay using OpenID.

This article mainly focuses on OpenID details, configuration of LifeRay with Atlassian's CrowdID OpenID server.

1. What is an OpenID?

OpenID is an open, decentralized, free framework for user-centric digital identity.

OpenID starts with the concept that anyone can identify themselves on the Internet the same way websites do-with a URI (also called a URL or web address). Since URIs are at the very core of Web architecture, they provide a solid foundation for user-centric identity.

2. Benefits of OpenID

From end user View, An OpenID is a single username and password that lets you login to any OpenID-enabled site. OpenID makes remembering different usernames and passwords for different sites a thing of the past.

From Website View, facilitates registration for end users.

The end purpose of OpenID is to keep all the sensible information in the provider so that it's not spread through all the websites where the user has an account. This makes it much easier to protect and keep up to date.

3. How does it work?

  1. User selects an OpenID Provider and creates an account in it. The provider gives the user a unique URL that identifies him.
  2. User finds a new website and wants to create an account. He finds out happily that the website supports OpenID (it's an OpenID consumer).
  3. User logs in with his OpenID URL
  4. The website uses the URL to contact the OpenID provider of the user and requests it some information to be able to create the new account for the user
  5. The user is redirected to his provider's website to:
    1. Login to demonstrate he is the owner of the URL
    2. Accept the request for information from the original website (the providers usually allow maintaining several profiles and the user can select which one to use)
  6. The user is then redirected to the original website with all the necessary information
  7. The website takes that information and creates an account for the user (only the first time) and logs him in
  8. The user logs in

4. Backend Library

LifeRay uses OpenId4java as the backend library to implement the OpenID functionality. This library was chosen because:
  • It is free software with a License compatible with Life ray’s (Apache License 2.0)
  • It seems to have the largest community among the alternatives

5. Download the Atlassian Crowd Server.

Download the Crowd OpenID server from Here .

6. Configure the Crowd Open ID Server.

The first step in configuring the Crowd OpenID server are ,

Specify your Crowd Home directory by editing the configuration file at CROWD-INSTALLATION/WEB-INF/classes/ for Unix(if working in Unix) and
windows(if working for windows)

crowd.home=/usr/crowd (I changed the directory name to crowd)

2. Go To /usr/crowd/apache-tomcat/conf/Catalina/localhost and open the file crowd.xml (else create one with the data)

Change the docBase with the correct path of crowd-webapp like

<Context path="/crowd" docBase="/usr/crowd/crowd-webapp" debug="0" reloadable="false">
3. Go to the Location, /usr/crowd/crowd-openidserver-webapp/WEB-INF/classes
and modify the like,                       crowd-openid-server
application.password                 password
application.login.url                   http://localhost:8095/openidserver

crowd.server.url                        http://localhost:8095/crowd/services/

session.isauthenticated              session.isauthenticated
session.tokenkey                       session.tokenkey
session.validationinterval           0
session.lastvalidation                 session.lastvalidation

Modify the crowd.server.url and application.login.url.

4. Go to the Location, /usr/crowd/apache-tomcat/conf/Catalina/localhost
and create a file(if not available) openidserver.xml with the following content

<Context path="/openidserver" docBase="../../crowd-openidserver-webapp" debug="0">

    <Resource name="jdbc/CrowdIDDS" auth="Container" type="javax.sql.DataSource"

<Manager className="org.apache.catalina.session.PersistentManager" saveOnRestart="false"/>


If the file exists, add the line leaving the rest untouched,

<Manager className="org.apache.catalina.session.PersistentManager" saveOnRestart="false"/>

5. Once all these modifications are done. Restart the tomcat server . The url will be

For OpenID server: http://localhost:8095/openidserver/login.action

6. Once the configurations are done , Start the Tomcat server in the same directory location and access the url in a browser and follow the steps,

Since the Crowd OpenID server is available only for a trail version, it will ask for a Evaluation key. We need to register with Atlassian Crowd Server and get a key from the web site. Once the get the key , the server will allow us to move further .The next step would be to configure Type of Database


The Next Step would be to select the options,

Give a name to the Deployment Title, Value to Session Time Out and Base URL.

The next step would be to configure the Internal Directory, I just gave the Name and took the default value for others

The Next step would be to configure and Administrator account,

The next step is to configure the Integrated applications .I have taken the default options.

And Then the final step, 

Once the configuration is done correctly, a login screen will be shown. We can login using the username and password which we created as a administrator.

7. Configure LifeRay with the Crowd Open ID Server.

The Configuration of LifeRay with Crowd OpenID server is done in the 3 step above.

8. Create a User in Crowd OpenID Server.

Login in as administrator (the user that we created while configuring the Crowd OpenID server).Once we login into the Server, we see the screen

Select Users on the top panel . In the Left pane , click on the Add User. 


 Create a user with all required details


9. Generate OpenID for the User.

Once the user is configured, open the url
http://localhost:8095/openidserver/login.action in a browser and login using the username and password that we created before.

Once we login, we are given with a OpenID.

10. Login into LifeRay using OpenID.

Start the LifeRay Server and sign in using the OpenID option under the Sign In portal.


Enter the OpenID url that we got and click sign in. It will take us to the OpenID server. Once we are logged in, we see the following page. Select the Allow Always option.

Once we select the Allow Always, we will be taken back to the LifeRay server

By This we complete the Configuration of OpenID server with Liferay.
More Articles To Come , Happy Coding..


  1. I think that is among the so much significant information for me.

    And i am satisfied studying your article. But want to statement on few general things,
    Thee site taste is perfect, the articles is actually excellent :
    D. Good task, cheers

    Also visit my homepage; Wood artist

  2. Good one jagadish

  3. I am actually glad to read this weblog posts which consists of plenty of useful data, thanks for
    providing these kinds of information.

    Review my website; Minecraft Games

  4. whoah this blog is wonderfjl i love studying youjr posts.
    Keep up the good work! You already know, many individuals are hunting round for this info, yyou ccan help them greatly.

  5. Hello there, just became aware of your blog through Google,
    and found that it is truly informative. I am gonna watch out for brussels.
    I will appreciate if you continue this in future. A lot of people will be benefited from your writing.

  6. My brother recommended I would possibly like this website.
    He used to be entirely right. This put up actually masde my day.
    You cann't believe just how a lot time I had spent
    for this info! Thank you!

  7. Nice post. I used to be checking constantly this blog and I am impressed!
    Very useful information specifically the remaining phase
    :) I handle such info much. I used to be seeking this
    particular info for a long time. Thank you and
    best of luck.

  8. I constantly spent my half an hour to read this website's articles
    daily along with a mug of coffee.