This document describes the steps required to configure OpenID authentication in IBM WebSphere Portal 8 and integrate Facebook.
Check out this video as well, in which I describe the configuration below: https://www.youtube.com/watch?v=alvSJJe820w
Please refer to the following IBM link for complete details:
http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Integrating_with_OpenID_authentication_wp8
To learn how to create a Facebook app, go to http://developers.facebook.com/docs/appsonfacebook/tutorial/
Follow the steps below exactly as described.
Configuring OpenID Authentication:
1. Register Portal Application.
PrivatePortalApp
App ID: 277658942340558
App Secret: **********4460bd7**********5bcb
http://wpbox.rcds.net:10039/wps/myportal
Public-PortalApp
App ID: 197535877045254
App Secret: **********4460bd7**********5bcb
http://wpbox.rcds.net:10039/wps/portal
2. Run the enable-identityprovider-tai command (type it as a single line).
ConfigEngine.bat enable-identityprovider-tai -DWasUserId=wpsadmin -DWasPassword=wpsadmin
-Didp.providerlist=facebook -Dfacebook_apps=app,pub -Dfacebook_app_id=277658942340558
-Dfacebook_app_secret=**************************** -Dfacebook_app_site=http://wpbox.rcds.net:10039/wps/myportal -Dfacebook_pub_id=197535877045254 -Dfacebook_pub_secret=*****************************
-Dfacebook_pub_site=http://wpbox.rcds.net:10039/wps/portal
3. Configure the Login portlet.
Log in to WebSphere Portal (WP) as an administrator.
Configure the Login portlet with the following parameters:
parameter                  value
show_idp_option            true
show_idp_max               4
show_idp_freeform_field    false
facebook.image             http://icons.iconarchive.com/icons/emey87/social-button/32/facebook-icon.png
4. Configure the Profile Management Portlet.
parameter                  value
show_idp_option            true
show_idp_max               4
show_idp_freeform_field    false
facebook.image             http://icons.iconarchive.com/icons/emey87/social-button/32/facebook-icon.png
facebook.required          ibm-primaryEmail|email; givenName|first_name; sn|last_name; uid|id; preferredLanguage|locale
5. C:\IBM\WebSphere\PortalServer\prereqs.infra\prereq.commons.httpclient\lib\ext
commons-codec-1.3.jar
commons-httpclient-3.0.1.jar
6. Add SSL certificates for the configured identity provider.
In the WAS console, go to:
Security:
> SSL certificate and key management
> Manage endpoint security configurations
> WebSphere_Portal
> Key stores and certificates
> NodeDefaultTrustStore
> Signer certificates
> Retrieve from port
Host: graph.facebook.com
Port: 443
Alias: graph.facebook.com_cert
7. Restart the WebSphere_Portal server:
Windows: wp_profile_root\bin
Windows: stopServer.bat WebSphere_Portal -username admin_userid -password admin_password
Windows: startServer.bat WebSphere_Portal
8. Optional: Modify attributes for your identity provider trust association.
> WebSphere Integrated Solutions Console.
> Security -> Global security -> Web and SIP security -> Trust association.
> Select Interceptors and then select com.ibm.portal.auth.OpenIDTAI.
bindattribute=labeledURI
loginattribute=uid
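A lint for the step 2 command, added here as an example (it is not part of the original post or of IBM's tooling): it checks that every app named in the provider's _apps list has its _id, _secret and _site defines, that each site URL uses https, and that the admin password is not simply the user ID. The provider_app_suffix naming is inferred from the command in step 2; the host name and placeholder values in the sample are constructed.

```python
import shlex
from urllib.parse import urlparse

# Constructed sample: the step 2 command with placeholder IDs, secrets and host.
SAMPLE = (
    "ConfigEngine.bat enable-identityprovider-tai "
    "-DWasUserId=wpsadmin -DWasPassword=wpsadmin "
    "-Didp.providerlist=facebook -Dfacebook_apps=app,pub "
    "-Dfacebook_app_id=APP_ID_PLACEHOLDER "
    "-Dfacebook_app_secret=APP_SECRET_PLACEHOLDER "
    "-Dfacebook_app_site=http://portal.example.test:10039/wps/myportal "
    "-Dfacebook_pub_id=PUB_ID_PLACEHOLDER "
    "-Dfacebook_pub_site=https://portal.example.test:10039/wps/portal"
)

def parse_defines(command):
    """Return the -Dname=value pairs of a ConfigEngine command as a dict."""
    defines = {}
    for token in shlex.split(command, posix=False):
        if token.startswith("-D") and "=" in token:
            # Split on the first '=' only: values such as o=transparent contain one.
            name, value = token[2:].split("=", 1)
            defines[name] = value
    return defines

def lint(command):
    """Return a sorted list of findings for an enable-identityprovider-tai command."""
    d = parse_defines(command)
    findings = []
    for provider in filter(None, d.get("idp.providerlist", "").split(",")):
        apps = [a for a in d.get(provider + "_apps", "").split(",") if a]
        if not apps:
            findings.append(f"{provider}: no {provider}_apps list")
        for app in apps:
            # Naming convention assumed from the command shown in step 2.
            for suffix in ("id", "secret", "site"):
                key = f"{provider}_{app}_{suffix}"
                if not d.get(key):
                    findings.append(f"{key}: missing")
            site = d.get(f"{provider}_{app}_site", "")
            if site and urlparse(site).scheme != "https":
                findings.append(f"{provider}_{app}_site: not https ({site})")
    if d.get("WasPassword") and d.get("WasPassword") == d.get("WasUserId"):
        findings.append("WasPassword: same as WasUserId")
    return sorted(findings)

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```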
Configuring transient users:
1. ConfigEngine.bat enable-transient-user -DWasUserId=wpsadmin -DWasPassword=wpsadmin -Dtransparent.suffix=o=transparent -Dtransparent.prefix=cn
Stop and restart the WebSphere_Portal server.
Windows: wp_profile_root\bin
Windows: stopServer.bat WebSphere_Portal -username wpsadmin -password wpsadmin
Windows: startServer.bat WebSphere_Portal
2. Optional: Create group objects for external providers to assign different access rights:
Global security > Federated repositories > transientidp
Name              Value
buildgroupsfor    facebook
Stop and restart the WebSphere_Portal server.
Windows: wp_profile_root\bin
Windows: stopServer.bat WebSphere_Portal -username wpsadmin -password wpsadmin
Windows: startServer.bat WebSphere_Portal
3. Optional: Complete the following steps to mark transient identity provider users as external.
Resource environment providers > WP PumaStoreService > Custom properties
Name                      Value
parentDN.externalUsers    o=transparent
4. Complete the following steps to load user attributes during authentication:
> Global security > Trust association > Interceptors > com.ibm.portal.auth.tai.OpenidTAI
> provider.facebook.loadattributes=sn|first_name;cn|last_name;uid|name
Stop and restart the WebSphere_Portal server.
Windows: wp_profile_root\bin
Windows: stopServer.bat WebSphere_Portal -username admin_userid -password admin_password
Windows: startServer.bat WebSphere_Portal
You should now be able to log in to IBM WebSphere Portal 8 with Facebook authentication.
Please, can you help me?
In the moment of registration the facebook apps, in my command ConfigEngine, I am not able to run -Dfacebook_apps=pub,app. The error is: Target `pub' does not exist in this project.
Follow the steps exactly as mentioned above, copy step 2 in notepad and then edit it as per your configuration, use -Dfacebook_apps=app,pub not -Dfacebook_apps=pub,app
Thanks.