[Liferay] How to install Liferay on Ubuntu, configure a virtual host, connect to Active Directory, and set up CAS for Liferay

This document is a step-by-step guide on how to install Liferay on Ubuntu, CentOS, configure an Apache virtual host, connect Liferay to Active Directory and set up CAS for Liferay.

1. Setup Liferay on Ubuntu
S1. Installing Apache2, MySQL server and Java
apt-get install apache2
apt-get install mysql-server
sudo apt-get install python-software-properties
sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java7-installer
S2. Installing Liferay portal with tomcat
- Download the latest version of Liferay Portal Community Edition (eg v6.1.1) bundled with Tomcat at http://www.liferay.com/downloads/liferay-portal/available-releases
cd /tmp
wget http://nchc.dl.sourceforge.net/project/lportal/Liferay%20Portal/6.1.1%20GA2/liferay-portal-tomcat-6.1.1-ce-ga2-20120731132656558.zip
unzip liferay-portal-tomcat-6.1.1-ce-ga2-20120731132656558.zip
mv liferay-portal-6.1.1-ce-ga2 /usr/local/liferay
- Create a new MySQL database for Liferay
mysql -u root -p
password: enter mysql password for root
mysql> CREATE DATABASE DB_name DEFAULT CHARACTER SET utf8;
After Tomcat has been started, the tables will be created and populated with content.

S3. Connect Liferay to MySQL
- Create portal-ext.properties file
nano $LIFERAY_HOME/webapps/ROOT/WEB-INF/classes/portal-ext.properties
Add these lines into the file:
jdbc.default.driverClassName=com.mysql.jdbc.Driver
jdbc.default.url=jdbc:mysql://localhost/DB_name?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
jdbc.default.username=root
jdbc.default.password=PaSSw0rd
schema.run.enabled=true
schema.run.minimal=true
- Start Tomcat
cd $LIFERAY_HOME/bin
sudo ./startup.sh
tail -f ../logs/catalina.out   # follow the log
To run multiple Liferay portals on one machine (server), change the default ports (default connector port: 8080, default shutdown port: 8005, default AJP port: 8009, default redirect port: 8443) in $TOMCAT_HOME/conf/server.xml. Example:


2. Use mod_jk to serve Tomcat (port 8080) on the default web port (80)
mod_jk is an Apache2 module that supports Tomcat's ajp13 protocol.

S1. Setup needed packages
sudo apt-get install libapache2-mod-jk
sudo apt-get install apache2-threaded-dev   # dev package for Debian
S2. Create a file /etc/apache2/workers.properties
worker.list=worker1, worker2
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
worker.worker1.lbfactor=1
worker.worker2.port=8109
worker.worker2.host=localhost
worker.worker2.type=ajp13
worker.worker2.lbfactor=1
S3. Add these lines to the file /etc/apache2/mods-enabled/jk.load
LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so
JkWorkersFile /etc/apache2/workers.properties
JkLogFile /var/log/apache2/mod_jk.log
JkLogLevel debug
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
S4. In the file /etc/apache2/mods-enabled/jk.conf
Remove line:
#JkWorkersFile /etc/libapache2-mod-jk/workers.properties
S5. Create virtual host
Example of a simple default virtual host file:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName qgs.vn
#DocumentRoot /var/www
JkMount / worker1
JkMount /* worker1
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName chungkol.com
#DocumentRoot /var/www
JkMount / worker1
JkMount /* worker1
JkUnMount /chungkol.html worker1
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName demo.chungkol.com
#DocumentRoot /var/www
JkMount / worker2
JkMount /* worker2
</VirtualHost>
* Solution 2: Add a new virtual host file and create a symlink.
nano /etc/apache2/sites-enabled/chungkol.com
Copy the simple default virtual host example above and paste it into this file:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName demo.qgs.vn
#DocumentRoot /var/www
JkMount / worker2
JkMount /* worker2
</VirtualHost>
Then enable the virtual host:
a2ensite demo.chungkol.com
Note:
- a2ensite does the same as ln -s (it creates a symlink from sites-available to sites-enabled)
- JkMount / worker1 (mounts the path / on worker1)
- JkUnMount /chungkol.html worker1 (removes that path from worker1, so it is served from the DocumentRoot instead)

S6. Restart apache and tomcat.
service apache2 restart
/usr/local/liferay/tomcat/bin/shutdown.sh | tail -f ../logs/catalina.out
/usr/local/liferay/tomcat/bin/startup.sh & tail -f ../logs/catalina.out
3. Connect Liferay portal with Active Directory
S1. Select Control Panel/Portal/Portal Settings/Authentication/LDAP


S2. Define server name
Under Default Values, select Microsoft Active Directory Server, then choose Reset Values.
The AD server in this example: domain chung.local, IP 192.168.2.235, OU Marketing, user administrator.
S3. Define Connection


S4. Define User
Important:
- In Authentication Search Filter, change the default value to (sAMAccountName=@screen_name@)
- In Email Address, change the default value to mail.


S5. Restart the Tomcat service
Liferay will import users from the LDAP user database. After that, the import runs automatically on a regular cycle, so we do not need to restart the Tomcat service again.


4. Install CAS
S1. Deploy CAS
- Download the newest version of CAS at http://www.jasig.org/cas/download
cd /tmp
wget http://downloads.jasig.org/cas/cas-server-3.5.2-release.zip
unzip cas-server-3.5.2-release.zip
- Copy the module cas-server-webapp-version.war to the Tomcat folder
cd /tmp/cas-server-3.5.2/modules/
cp cas-server-webapp-3.5.2.war /usr/local/liferay/tomcat-7.0.27/webapps/cas.war
- Tomcat deploys the new war file.
- Access http://demo.net/cas and test with user/password test@liferay.com/test@liferay.com
S2. Connect CAS with AD
- Add these lines to the file $CAS/META-INF/maven/org.jasig.cas/cas-server-webapp/pom.xml
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-support-ldap</artifactId>
<version>${project.version}</version>
</dependency>
- Edit the $CAS/WEB-INF/deployerConfigContext.xml file and configure BindLdapAuthenticationHandler:
<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
<property name="filter" value="sAMAccountName=%u" />
<property name="searchBase" value="cn=people,dc=example,dc=com" />
<property name="contextSource" ref="contextSource" />
<property name="ignorePartialResultException" value="yes" />
<!-- fix because of how AD returns results -->
</bean>
<bean class="org.springframework.ldap.core.support.LdapContextSource" id="contextSource">
<property name="pooled" value="true" />
<property name="urls">
<list>
<value>ldap://192.168.3.130/</value>
</list>
</property>
<property name="userDn" value="cn=admin,dc=example,dc=com" />
<property name="password" value="1234567" />
<property name="baseEnvironmentProperties">
<map>
<entry>
<key>
<value>java.naming.security.authentication</value>
</key>
<value>simple</value>
</entry>
<entry>
<key>
<value>com.sun.jndi.ldap.connect.timeout</value>
</key>
<value>30000</value>
</entry>
<entry>
<key>
<value>com.sun.jndi.ldap.read.timeout</value>
</key>
<value>30000</value>
</entry>
</map>
</property>
</bean>
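A quick check for the weak settings in the files configured so far: portal-ext.properties (section 1), jk.load (section 2) and deployerConfigContext.xml (above). This shell function is an added example, not part of the original guide; the name audit_config and the finding labels are made up for illustration.

```shell
#!/bin/sh
# Added example: flag weak settings in the files this guide edits.
# Usage: audit_config PORTAL_EXT_PROPERTIES DEPLOYER_CONFIG_XML JK_LOAD
# Prints one finding per line; prints nothing when no check fires.
# audit_config and the finding labels are hypothetical names.

audit_config() {
    props=$1
    cas_xml=$2
    jk=$3

    # Liferay should use its own MySQL account, not the database superuser.
    if grep -Eq '^[[:space:]]*jdbc\.default\.username[[:space:]]*=[[:space:]]*root[[:space:]]*$' "$props"; then
        echo "DB_ROOT: $props connects as the MySQL root account"
    fi

    # Both files store a password in cleartext, so "other" must not have read access.
    for f in "$props" "$cas_xml"; do
        if [ -n "$(find "$f" -perm -004 2>/dev/null)" ]; then
            echo "WORLD_READABLE: $f"
        fi
    done

    # A simple bind over ldap:// puts the bind and user passwords on the wire unencrypted.
    if grep -Eq '<value>[[:space:]]*ldap://' "$cas_xml"; then
        echo "LDAP_CLEARTEXT: $cas_xml uses ldap:// instead of ldaps://"
    fi

    # Debug-level mod_jk logging is for troubleshooting, not for production.
    if grep -Eiq '^[[:space:]]*JkLogLevel[[:space:]]+(debug|trace)' "$jk"; then
        echo "JK_DEBUG_LOG: $jk sets JkLogLevel to debug or trace"
    fi
}
```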
S3. Config CAS Authentication in liferay portal
Once CAS authentication works, configure CAS authentication in the Liferay portal.
- Select Control Panel/Portal/Portal Settings/Authentication/CAS
- Check: Enable, Import from LDAP (if the username does not exist in Liferay's database, it will be imported from the AD server through LDAP)
- Define the other values as in the figure below.