1

Liferay 6.2 Auth Type: BASIC Web.xml has entries:

<security-constraint>
        <web-resource-collection>
            <web-resource-name>/c/portal/protected</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>PAdministrator</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
    </login-config>
    <security-role>
        <role-name>PAdministrator</role-name>
    </security-role>

Tomcat User .xml:

<user username="MyPortalUser" password="xxxxxxxx" roles="PAdministrator"/>

After Tomcat restart : Browser throws up Popup asking for credentials. However when i say request.getPrincipal() it always returns userid of the default portal user account, I am interested in getting logged in username not the mapping ID in portal DB.

Have also tried fetching the user from ThemeDisplay.getUser(), This always returns the id of the default user and not the logged in user.?

Is there any other way of extracting user name ? or am i missing something?

Appreciate any help? Thanks

Jerry Stratton
  • 3,287
  • 1
  • 22
  • 30
Mogambo mast
  • 11
  • 2

1 Answers1

0

Liferay relies on having entries for the users that sign in in its own database as well. As you state you have them in tomcat-users.xml, I'm assuming that they're not created in Liferay's database - this will need to be done.

Disclaimer: I've never changed the login strategy in Liferay to BASIC and don't know if it's supposed to work at all. The reason for Liferay depending on the user records in its own database is that a lot of content links to the user records, and those links couldn't be done to tomcat-users.xml (or to another external system). And a lot more data than just the username is required.

Olaf Kock
  • 46,930
  • 8
  • 59
  • 90