Automatic creation of subdomains for user's page in liferay - subdomain

When a new user is added to liferay a public page can be created automatically for him.
Where should I look in the source of Liferay to implement such a functionnality ?
Or maybe it's already possible by configuration? If it is so how could I do it?
Thanks

Technically this is done in UserLocalServiceImpl.addUserWithWorkflow(...), but depending on what you really need, you can do part of what you ask for through configuration:
When you create a UserGroup, you can edit the "pages" (or site template) for a usergroup. These pages will be copied/linked to a user's personal site if the user is member of that usergroup. In ControlPanel/Portal/PortalSettings you can choose this usergroup to be the default user group for all newly created users, so that they all get those pages.
Now this doesn't assign a subdomain (like a virtual host) that you mention in the title of this question. If you want to assign a virtual host to the site (called "group" in technical terms when you dig into java code), you'll have to override the method given above (e.g. through a hook that overrides UserLocalService) and configures the user's site/group with a virtual host. However, the UI does not allow to configure virtual hosts for user's sites, but you might be able to do this through the API, e.g. programmatically
If it's enough for you, you can also just implement a blank redirection from http://username.example.com (wildcard on 'username') to http://www.example.com/web/username - e.g. use Apache's mod_rewrite

Finally, i must follow that: http://www.liferay.com/community/forums/-/message_boards/message/10268877.
I just want to user UI, so i must custom portlet to solve that :|

Related

Subdomain of website for Github pages project

I have a Github project, github.com/jeti/matrix, and I set up a "Github pages" site for the project so that it is accessible here jeti.github.io/matrix/.
That is all configurable through Github.
Now, I would like to add a subdomain of my personal website so that the website is accessible via the subdomain matrix.jeti.io of my website jeti.io.
I am just really confused how to do that because the documentation don't seem to show how to redirect a project page to a subdomain. I have tried a few permutations of what I think should be the correct inputs, but because these DNS changes take so long to propagate, it is really hard to test.
Specifically, I would like to know what value to enter into Github as the Custom domain (it seems to me that this should simply be the subdomain matrix.jeti.io, but I am not sure, so I have left this blank):
Then I also need to create the subdomain. I bought the domain through OVH, and they provide a few options for adding a DNS entry:
My understanding is that I need to add 2 apex records. I did that already:
What is unclear to me is whether I also need to add a CNAME entry. This is what the form looks like when I try to add a CNAME entry:
So in recap:
I did not specify the Custom Domain on the Github site.
I created the 2 apex records shown above.
I did not create a CNAME entry.
Please tell me which of these steps needs to be changed and how to modify it.
After more trial and error, the answer seems to be
The Github custom domain should indeed be matrix.jeti.io
I did not need the apex records. In fact, Github emailed me discouraging it. So I deleted the apex records.
In OVH, I added a DNS CNAME entry like this:
The thing that was confusing me is that I thought that the CNAME entry needed to have a link to the original Github pages WITH the project name jeti.github.io/matrix. That was wrong. The target is simply jeti.github.io. (Note the period on the end).

MediaWiki: Take Login with me

I have got multiple wikis. They all use the same server, assets and domain. They use separate databases and subdomains like so:
de.[myPage].org
en.[myPage].org
es.[myPage].org
Somehow the Login information does not travel with the user, when subdomain is changed.
For Example: Whenever i am logged in as "Max" and change from
de.[myPage].org
to
en.[myPage].org
i get logged out/am not logged in anymore.
How do i fix this? It may be, that databases differ.
Login is done via cookies which contain a user token; if the token matches the one stored in the database, the system accepts you as logged-in. So, you need to share the user table by enabling $wgSharedDB, and you need to share the cookie (which by default your browser limits by domain name) by setting $wgCookieDomain to .[myPage].org.
If this is not an option (e.g. you already have established users in different databases which cannot be merged due to conflicts, or you have different second-level domains) the CentralAuth extension can provide more sophisticated single sign-on, but it's a bit of a pain to administer (as the big bold warning on the extension page suggests).

How do I protect a directory within github-pages?

I am building my personal website using Jekyll and hosting it at github-pages. I would like to have a password protected area (just password protected directory, not the whole website). I have tried a few options and tricks to get htaccess to work but failed.
I would like to know if someone managed to use htaccess, or any other method, to protect a directory on github-pages.
Listing solutions which did not work for me (or I failed to get them to work):
*Flohei.
*Jeremy Ricketts.
GitHubPages (like Bitbucket Pages and GitLab Pages) only serve static pages, so the only solution is something client side (Javascript).
A solution could be, instead of using real authentication, just to share only a secret (password) with all the authorized persons and implement one of the following scheme:
put all the private files in a (not listed) subdirectory and name that with the hash of the chosen password. The index page asks you (with Javascript) for the password and build the correct start link calculating the hash.
See for example: https://github.com/matteobrusa/Password-protection-for-static-pages
PRO:
Very simple approach protecting a whole subdirectory tree
CONS:
possible attack: sniffing the following requests to obtain the name of the subdirectory
the admins on the hosting site have access to the full contents
crypt the page with password and decrypt on the fly with javascript
see for example: https://github.com/robinmoisson/staticrypt
PRO: no plaintext page code around (decrypting happens on the client side)
CONS:
just a single page, and need to reinsert the password on every refresh
an admin could change your Javascript code to obtain the password when you insert it
One option is to use Cloudflare Access to control access at the DNS level.
After setting up a custom domain for your Git pages using Cloudflare for DNS, you can use their Access rules policy to require authentication at the specified url path.
This could still be bypassed if someone is familiar with bypassing DNS blocks.
https://www.cloudflare.com/products/cloudflare-access/
You can give a try to Jekyll Auth and if you run into troubles, this issue can be useful.
You can use Render to deploy your static Web app. It has a npm package that encrypted your html files and user can not see it in browser. So you can use frontend password validation.

Remove VIEW permission automatically from Guest Role when a site-page is added

In Liferay when a page is added to the Site it by default gives VIEW permission to the Guest role.
Is there any way (either through configuration or through hook or other) to disable this so that by default VIEW permission is disabled for Guest role when a new page is added to the Site?
Well, while page [Layout-in Liferay low level context] is added as Public page, Liferay assigns default permissions to GUEST role defined in sites.xml for Layout model.
Basically there are two ways to avoid it through ext development:
remove guest default permissions from sites.xml
change code in LayoutLocalServiceImpl in ext by over-riding addLayout method by having addGroupPermissions boolean value as false.
There are ways (through liferay Configuration and Ext) with which you can restrict VIEW of Site public pages for those Users who don't explicitly have that permission.
1st Approach
So this can be achieved by setting this property to false in portal-ext.properties:
permissions.check.guest.enabled=false
But by setting this property what will happen is that Guest role would make sense only for Users who have not logged-in, once the User logs-in even if there is a VIEW permission on Guest for a page or asset the User won't be able to view it unless the User has that permission.
So Guest role would be rendered completely useless even if you give all the permissions to Guest role.
For users who have not logged-in, you can send them to login page with some logic.
2nd approach
1) Updating site.xml in EXT-plugin to disable default VIEW permissions for guest while adding Site pages.
By doing so when site page is added, by default Guest role's view permission is unchecked.

Smarty template tag to check for FIRST user login - to pass message on initial login

I usually don't use Smarty but am in the process of editing a prebuilt app, that uses Smarty for templating. It's super easy to check for the login status, but I have searched the Smarty site, docs and the app vendors docs and cannot find a tag of function to check for the initial user login. We need to pass a message to the user at their first login only.. and instead of writing it out I am hoping there is a tag we can use within Smarty, since it's already being used.
Thanks!
You can not do this by Smarty.
To differ the initial login from a later one, you have to store this information somewere. One aproach would be to use PHP and store it in the user database table (table "user", field "first_login").
The other one would be to store it in a cookie on the client side. But I wount suggest it, for you can not rely on it, as the user can turn of cookies.
So you need to find out, weather your application already stores this information in the user db table. Which it does most likely not. Therefore you need to define the db field and set it after login (using PHP). Afterwards you can user $smarty->assign() in your PHP code to publish your message to smarty in case of first login.