Redirecting Post Values from Third Party application to Liferay

 

Whenever we do Post in Liferay, Liferay will auto generate P_auth token. 

But whenever we are doing posting(Post Request) from third party application and redirecting to Liferay application ,  liferay application will expect p_auth token. But third party applications cannot provide p_auth as it is Liferay specific. 

But in liferay, we can design to ignore p_auth token for specific URL.

First, Write a below class to ignore Auth token for specific URL

@Component(

immediate = true,

property = {

"auth.token.ignore.mvc.action=true",

"javax.portlet.name=" + SamplePortletKeys.PortletName,

"mvc.command.name=/redirect/liferay"

},

service = MVCActionCommand.class

)

public class RedirectPath extends BaseMVCActionCommand { }

Here we have created MVCActionCommand Class 

1. auth.token.ignore.mvc.action=true

            This Property will ensure to ignore p_auth token.

     2. "mvc.command.name=/redirect/liferay"

           Here we have specified the property of the URL to ignore p_auth token,

In Redirect class, we have extended BaseMVCActionCommand it means we need to override doProcessAction Method

Second, In Third Party application we need to construct a URL as below to redirect to liferay specific URL.

<form action="http://localhost:8080/web/guest/home?p_p_id=<portlet-name>&p_p_lifecycle=1&<portlet namespace>javax.portlet.action=/redirect/liferay" method="post">

p_p_id should be as portlet name

In  MVC Action Command class we have mentioned URL, so same needs to mention in URL as <portlet namespace>javax.portlet.action=/redirect/liferay

p_p_lifecycle=1 means it is of type POST request.

If we didn't mention "auth.token.ignore.mvc.action=true" then we will get as below error

User 0 is not allowed to access URL %s and portlet %s

We can refer SecurityPortletContainerWrapper class for more details. Refer processAction method.