Wednesday, 17 April 2013

Integrating Facebook with IBM Websphere Portal 8.

This Document describes the steps required to configure OpenID Authentication in IBM Websphere Portal 8 and Integrating Facebook.

Checkout this video link as well in which i have described the configuration below. https://www.youtube.com/watch?v=alvSJJe820w

Please refer to the following IBM link for complete details:

http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Integrating_with_OpenID_authentication_wp8

To learn how to create facebook app goto http://developers.facebook.com/docs/appsonfacebook/tutorial/

Follow the steps below exactly as described.

Configuring OpenID Authentication:

1. Register Portal Applicaiton.

PrivatePortalApp

App ID:  277658942340558
App Secret:  **********4460bd7**********5bcb
http://wpbox.rcds.net:10039/wps/myportal


Public-PortalApp

App ID:  197535877045254
App Secret:  **********4460bd7**********5bcb
http://wpbox.rcds.net:10039/wps/portal


2. Run the enable-identityprovider-tai command.

ConfigEngine.bat enable-identityprovider-tai -DWasUserId=wpsadmin -DWasPassword=wpsadmin
-Didp.providerlist=facebook -Dfacebook_apps=app,pub -Dfacebook_app_id=277658942340558
-Dfacebook_app_secret=**************************** -Dfacebook_app_site=http://wpbox.rcds.net:10039/wps/myportal -Dfacebook_pub_id=197535877045254 -Dfacebook_pub_secret=*****************************
-Dfacebook_pub_site=http://wpbox.rcds.net:10039/wps/portal


3. Configure the Login portlet.

Log in WP as Admin.

Configure the Login portlet with the following parameters

parameter value

show_idp_option   true
show_idp_max   4
show_idp_freeform_field false
facebook.image = http://icons.iconarchive.com/icons/emey87/social-button/32/facebook-icon.png

4. Configure the Profile Management Portlet.

parameter value

show_idp_option   true
show_idp_max   4
show_idp_freeform_field false
facebook.image http://icons.iconarchive.com/icons/emey87/social-button/32/facebook-icon.png
facebook.required ibm-primaryEmail|email; givenName|first_name; sn|last_name; uid|id; preferredLanguage|locale

5. C:\IBM\WebSphere\PortalServer\prereqs.infra\prereq.commons.httpclient\lib\ext

commons-codec-1.3.jar
commons-httpclient-3.0.1.jar

6. add SSL certificates for the configured identity provider;

Under WAS console goto:

Security:

> SSL certificate and key management
> Manage endpoint security configurations
> WebSphere_Portal
> Key stores and certificates
> NodeDefaultTrustStore
> Signer certificates
> Retrieve from port

Host: graph.facebook.com
Port: 443
Alias:  graph.facebook.com_cert


7. Restart the WebSphere_Portal server:

Windows: wp_profile_root\bin
Windows: stopServer.bat WebSphere_Portal -username admin_userid -password admin_password
Windows: startServer.bat WebSphere_Portal

8. Optional: modify attributes for your identity provider trust association

> WebSphere Integrated Solutions Console.
> Security -> Global security -> Web and SIP security -> Trust association.
> Select Interceptors and then select com.ibm.portal.auth.OpenIDTAI.

    bindattribute=labeledURI.
    loginattribute=uid.

Configuring transient users:

1. ConfigEngine.bat enable-transient-user -DWasUserId=wpsadmin -DWasPassword=wpsadmin -Dtransparent.suffix=o=transparent -Dtransparent.prefix=cn

Stop and restart the WebSphere_Portal server.

Windows: wp_profile_root\bin
Windows: stopServer.bat WebSphere_Portal -username wpsadmin -password wpsadmin
Windows: startServer.bat WebSphere_Portal

2. Optional: Create group objects for external providers to assign different access rights:

Global security > Federated repositories > transientidp

Name Value

buildgroupsfor=facebook

Stop and restart the WebSphere_Portal server.

Windows: wp_profile_root\bin
Windows: stopServer.bat WebSphere_Portal -username wpsadmin -password wpsadmin
Windows: startServer.bat WebSphere_Portal

3. Optional: Complete the following steps to mark transient identity provider users as external.

Resource environment providers > WP PumaStoreService > Custom properties


Name Value

parentDN.externalUsers=o=transparent

4. Complete the following steps to load user attributes during authentication:

> Global security > Trust association > Interceptors > com.ibm.portal.auth.tai.OpenidTAI
> provider.facebook.loadattributes=sn|first_name;cn|last_name;uid|name


Stop and restart the WebSphere_Portal server.

Windows: wp_profile_root\bin
Windows: stopServer.bat WebSphere_Portal -username admin_userid -password admin_password
Windows: startServer.bat WebSphere_Portal


You should now be able to login in IBM Websphere Portal 8 with facebook authentication.

2 comments:

  1. Please, can you help me?
    In the moment of registration the facebook apps, in my comand ConfigEngine, I can´t able to run -Dfacebook_apps=pub,app. The error is: Target `pub' does not exist in this project.

    ReplyDelete
  2. follow the steps exactly as mentioned above, copy step 2 in notepad and then edit it as per your configuration, use -Dfacebook_apps=app,pub not -Dfacebook_apps=pub,app
    Thanks.

    ReplyDelete