Forem: Saravanan Muniraj

Building Custom AutoLogin Module for Liferay Integration with Azure AD B2C

Saravanan Muniraj — Tue, 31 Mar 2026 16:36:27 +0000

Azure AD B2C provides a robust, cloud-based identity management solution that offers secure authentication, multi-factor authentication support, and seamless integration with enterprise systems. When combined with Liferay's flexible portal capabilities, you get a powerful platform that can handle complex authentication scenarios while maintaining a great user experience.

The Solution: Custom AutoLogin Module

The approach involves creating a custom AutoLogin component that intercepts the authentication flow, validates tokens from Azure B2C, and automatically logs users into Liferay. Let's break down the implementation.

Step 1: Create the AutoLogin Class

First, we need to create a class that extends BaseAutoLogin. This class will handle the authentication logic:

public class WebsiteAutoLogin extends BaseAutoLogin {

    @Reference
    private UserLocalService userLocalService;

    private RestTemplate restTemplate;

    @Activate
    public void activateComponent() {
        restTemplate = new RestTemplate();
    }
}

The @Reference annotation injects Liferay's UserLocalService, which we'll use to look up users. The RestTemplate is initialized during component activation and will be used for making HTTP calls to Azure B2C.

Step 2: Implement the doLogin Method

The core authentication logic resides in the doLogin method:

public String[] doLogin(HttpServletRequest request, HttpServletResponse response)throws AutoLoginException {

    // 1) Extract the ID token from the request
    String code = ParamUtil.getString(request, "id_token");

    // 2) Exchange code for ID token - Call the B2C REST API
    String tokenEncodedString = retrieveAzureToken(code);

    // 3) Decode the JWT payload
    JSONObject payload = decodeJWTToken(tokenEncodedString);

    // 4) Extract user identifier from the token
    String screenName = payload.getString("MatchingScreenName");

    try {
        long companyId = PortalUtil.getCompanyId(request);
        // 5) Fetch existing user by screen name
        User user = userLocalService.fetchUserByScreenName(companyId, screenName);

        // 6) Return credentials for auto-login
        return new String[] {
            String.valueOf(user.getUserId()),
            user.getPassword(),
            Boolean.TRUE.toString()

        };

    } catch (Exception e) {
        logger.error("Error during user login or creation: " + e.getMessage(), e);
        return null;
    }

}

This method performs the following steps:

Extracts the authorization code or ID token from the incoming request
Exchanges this code with Azure B2C to obtain a valid token
Decodes the JWT token to extract user information
Looks up the corresponding Liferay user
Returns the authentication credentials for automatic login
Step 3: Token Retrieval from Azure B2C

The retrieveAzureToken method handles communication with Azure B2C's token endpoint:

private String retrieveAzureToken(String authorizationCode) {
    try {
        // Get the token endpoint URL
        String tokenEndpoint = getTokenEndpoint();
        // Create HTTP headers
        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        // Encode the redirect URI
        String redirectUri = URLEncoder.encode("YOUR_REDIRECT_URL", "UTF-8");
        // Build form parameters
       MultiValueMap<String, String> formParams = new LinkedMultiValueMap<>();
        formParams.add("client_id", B2C_AZURE_CLIENT_ID);
        formParams.add("client_secret", B2C_AZURE_CLIENT_SECRET);
        formParams.add("code", authorizationCode);
        formParams.add("grant_type", AUTH_GRANT_TYPE);
        formParams.add("redirect_uri", redirectUri);
        // Create and send the request
        HttpEntity<MultiValueMap<String, String>> requestEntity =
            new HttpEntity<>(formParams, headers);
        ResponseEntity<String> response = restTemplate.postForEntity(
            tokenEndpoint,
            requestEntity,
            String.class

        );
        // Parse and return the ID token
        JSONObject jsonObject = JSONFactoryUtil.createJSONObject(response.getBody());
        return jsonObject.getString("id_token");
    } catch (Exception e) {
        logger.error("Exception occurred on B2C Azure Token Request: " + e);
    }

    return null;
}

Step 4: JWT Token Decoding

The JWT token returned by Azure B2C needs to be decoded to extract user claims:

public static JSONObject decodeJWTToken(String token) {
    try {
        if (Validator.isNull(token)) return null;
        // Split the token into header, payload, and signature
        String[] parts = token.split("\\.");
        // Decode the payload (second part) from Base64
        return JSONFactoryUtil.createJSONObject(decode(parts[1]));
    } catch (Exception e) {

        logger.error("Exception occurred while decoding the JSON token: " + e.getMessage());
    }
    return null;
}

Configuration Requirements

Before deploying this module, ensure you have the following configured:

Azure AD B2C Configuration:

Register your application in Azure AD B2C
Configure the redirect URIs
Note your Client ID and Client Secret
Set up the appropriate user flows (sign-in, sign-up)
Liferay Configuration:

Deploy the custom AutoLogin module
Configure the module with your Azure B2C credentials
Ensure users exist in Liferay with matching screen names
Security Considerations

When implementing this solution, keep these security best practices in mind:

Secure credential storage: Store your Azure B2C client secrets in Liferay's secure configuration, not in code
Token validation: Always validate the JWT token's signature and expiration before trusting its claims
HTTPS only: Ensure all communication happens over HTTPS
Error handling: Implement proper error handling to avoid exposing sensitive information
Logging: Log authentication events for auditing, but never log sensitive token data

Conclusion

Integrating Azure AD B2C with Liferay through a custom AutoLogin module provides a secure and seamless authentication experience. This approach leverages Azure's enterprise-grade identity management while maintaining Liferay's flexibility and extensibility.

The complete implementation gives you a foundation that can be extended to support additional features like user provisioning, role mapping based on Azure AD groups, and multi-factor authentication.

Convert an Excel dataset into a SQL insert statement

Saravanan Muniraj — Wed, 06 Nov 2024 18:52:25 +0000

Utilizing Python makes converting Excel files to SQL databases a straightforward process.

To begin, export the Excel data to a CSV file by following these steps:

Open your Excel file.
Navigate to File > Save As.
Select CSV (Comma delimited) (*.csv) as the file type and save the file.

By following these simple instructions, you can seamlessly transition your Excel data into a format that is compatible with SQL databases.

FIRST_NAME LAST_NAME EMAIL USER_ID USER_LOGIN_NAME
First01 Last01 firstlastname01 ID001 loginname01
First02 Last02 firstlastname02 ID002 loginname02
First03 Last03 firstlastname03 ID003 loginname03
First04 Last04 firstlastname04 ID004 loginname04
First05 Last05 firstlastname05 ID005 loginname05
First06 Last06 firstlastname06 ID006 loginname06
First07 Last07 firstlastname07 ID007 loginname07
First08 Last08 firstlastname08 ID008 loginname08

Utilize a script or tool to convert CSV files to SQL format. For instance, you can employ a Python script to parse the CSV file and create SQL insert statements. Below is a basic Python script to help you begin the conversion process:

import pandas as pd

# Read the CSV file into a DataFrame
df = pd.read_csv('D:/temp/test/TestExcel.csv') # Add the path to your CSV file

# Generate SQL insert statements
table_name = 'Test_Table_Name' # Replace with your desired table name
sql_statements = []

for index, row in df.iterrows():
    columns = ', '.join(row.index)
    values = ', '.join([f"'{str(value)}'" for value in row.values])
    sql_statements.append(f"INSERT INTO {table_name} ({columns}) VALUES ({values});")

# Save to a file
with open('D:/temp/test/insert_statements.sql', 'w') as f:
    for statement in sql_statements:
        f.write(statement + '\n')

The following are the results of the scripts generated by the code above.

INSERT INTO Test_Table_Name (FIRST_NAME, LAST_NAME, EMAIL, USER_ID, USER_LOGIN_NAME) VALUES ('First01', 'Last01', 'firstlastname01', 'ID001', 'loginname01');
INSERT INTO Test_Table_Name (FIRST_NAME, LAST_NAME, EMAIL, USER_ID, USER_LOGIN_NAME) VALUES ('First02', 'Last02', 'firstlastname02', 'ID002', 'loginname02');
INSERT INTO Test_Table_Name (FIRST_NAME, LAST_NAME, EMAIL, USER_ID, USER_LOGIN_NAME) VALUES ('First03', 'Last03', 'firstlastname03', 'ID003', 'loginname03');
INSERT INTO Test_Table_Name (FIRST_NAME, LAST_NAME, EMAIL, USER_ID, USER_LOGIN_NAME) VALUES ('First04', 'Last04', 'firstlastname04', 'ID004', 'loginname04');
INSERT INTO Test_Table_Name (FIRST_NAME, LAST_NAME, EMAIL, USER_ID, USER_LOGIN_NAME) VALUES ('First05', 'Last05', 'firstlastname05', 'ID005', 'loginname05');
INSERT INTO Test_Table_Name (FIRST_NAME, LAST_NAME, EMAIL, USER_ID, USER_LOGIN_NAME) VALUES ('First06', 'Last06', 'firstlastname06', 'ID006', 'loginname06');
INSERT INTO Test_Table_Name (FIRST_NAME, LAST_NAME, EMAIL, USER_ID, USER_LOGIN_NAME) VALUES ('First07', 'Last07', 'firstlastname07', 'ID007', 'loginname07');
INSERT INTO Test_Table_Name (FIRST_NAME, LAST_NAME, EMAIL, USER_ID, USER_LOGIN_NAME) VALUES ('First08', 'Last08', 'firstlastname08', 'ID008', 'loginname08');

Please note that there are online tools available to convert CSV files to SQL insert statements. It is important to exercise caution when using these tools to avoid exposing sensitive data. In some cases, the company may have blocked access to certain websites for security reasons.

A Simple Guide to Loading an Entire PDF into a List of Documents Using Langchain

Saravanan Muniraj — Thu, 03 Oct 2024 02:51:29 +0000

Before diving into the code, it is essential to install the necessary packages to ensure everything runs smoothly. You can do this by executing the following commands in your terminal:

pip install langchain_community
pip install pypdf

from langchain_community.document_loaders import PyPDFLoader
from langchain.text_splitter import RecursiveCharacterTextSplitter

# Load the PDF file from the specified path.

FILE_PATH = "c:/work/Test01.pdf"

loader = PyPDFLoader(file_path=FILE_PATH)

# Load the entire PDF into a list of documents

text_splitter = RecursiveCharacterTextSplitter(chunk_size=500, chunk_overlap=50)

documents = loader.load_and_split(text_splitter)

for i in range(len(documents)):
    print(documents[i].page_content + "\n")```

Integrating SendGrid SMTP Mail with Liferay

Saravanan Muniraj — Wed, 04 Sep 2024 17:33:08 +0000

SendGrid is a mail relay service that operates through APIs and cloud-based technology. As the leading provider of email delivery services, we understand the importance of ensuring that your emails are delivered without any issues or being caught in filters. That is why SendGrid has optimized our mail transfer agent (MTA) and developed efficient tools for managing deliverability.

You have multiple options to begin using SendGrid.
To utilize the API, you must complete the following steps:

Establish a SendGrid Account.
Generate an API Key. Consult the Sendgrid documentation for instructions on creating an API key.

The Liferay Support SMTP service operates as a means of transmitting emails from one mail server (or mail client) to another over the Internet. SendGrid primarily serves as a third-party SMTP service, allowing us to send emails on behalf of our users and their clients in order to enhance their delivery rates. By signing up for a SendGrid account, you gain access to our SMTP mail servers and have the option to send your emails through us instead of using a webmail client or your own server.

The built-in mail session of Liferay DXP is the most convenient method for configuring mail and is highly recommended. You can set up the built-in mail session using any of the following approaches:
• Control Panel
configure the mail session from the Control Panel.

Sign in as the administrative user (the user you specified on the Basic Configuration page).
Navigate to Control Panel → Configuration → Server Administration → Mail.

Outgoing SMTP Server: smtp.sendgrid.net
Outgoing Port:25
User Name:apikey
Password:< API Key >

Convert all the first letters in a statement to capital letters

Saravanan Muniraj — Sat, 30 Dec 2023 05:37:46 +0000

To convert all the first letters in a statement to capital letters, you can achieve this by checking if the addresses stored in the database are all in lowercase and then display them with the first letter capitalized using Java.

private static String capitalizeFirst(String word) {
    return word.substring(0, 1).toUpperCase()
      + word.substring(1).toLowerCase();
}


public static String capitalizeAllFirstLetters(String address){

    Pattern pattern = Pattern.compile("^[A-Z,a-z]");
    String[] addressArray = address.split(" ");
    StringBuffer afterChangesAddress = new StringBuffer();

    for(int i=0;i<addressArray.length;i++){
         Matcher m = pattern.matcher(addressArray[i]);
          if(m.find()){
              afterChangesAddress.append(capitalizeFirst(addressArray[i])).append(" ");
         }else{
             afterChangesAddress.append(addressArray[i]).append(" ");
         }
    }
    return afterChangesAddress.substring(0, afterChangesAddress.lastIndexOf(" "));

 }




public static void main(String[] args) {


    String str = capitalizeAllFirstLetters("1180 seven seats dr, orlando, fl 3283");

    System.out.println(str);

}

Output:
1180 Seven Seats Dr, Orlando, Fl 3283

Eliminate duplicate values in a table

Saravanan Muniraj — Thu, 28 Dec 2023 04:00:00 +0000

In SQL server, the "PARTITION BY" clause is utilized to divide a result set into partitions depending on the values of one or more columns. This feature can be employed to eliminate duplicate values in a table.

WITH CTE AS
(
SELECT *,ROW_NUMBER() OVER (PARTITION BY Column_Name ORDER BY Column_Name ) AS RN
FROM Table_Name
)

DELETE FROM CTE WHERE RN<>1

com.liferay.petra.process.ProcessException: java.lang.OutOfMemoryError: Unable to process file version

Saravanan Muniraj — Thu, 28 Dec 2023 03:26:34 +0000

Issue
Liferay Site goes down due to outofMemoryError. When someone upload the inappropriate PDF file in Liferay Media and Document
The flowing error message thrown:

[liferay/document_library_pdf_processor-1][BaseProcessorMessageListener:40] Unable to process file version 123456
java.util.concurrent.ExecutionException: com.liferay.petra.process.ProcessException: java.lang.OutOfMemoryError
at java.util.concurrent.FutureTask.report(FutureTask.java:122)
at java.util.concurrent.FutureTask.get(FutureTask.java:206)
[ommited]
Caused by: com.liferay.petra.process.ProcessException: java.lang.OutOfMemoryError: Java heap space
at com.liferay.petra.process.local.LocalProcessLauncher.main(LocalProcessLauncher.java:153)
Caused by: java.lang.OutOfMemoryError: Java heap space
at java.awt.image.DataBufferInt.(DataBufferInt.java:75)
at java.awt.image.Raster.createPackedRaster(Raster.java:467)
at java.awt.image.DirectColorModel.createCompatibleWritableRaster(DirectColorModel.java:1032)
at java.awt.image.BufferedImage.(BufferedImage.java:324)

How Can I fix this error?
Environment
Liferay DXP 7.1

Resolution
Run the below SQL script and get the file details:
SELECT USERNAME,CREATEDATE,MODIFIEDDATE,FILENAME,TITLE,SIZE_ FROM DLFILEENTRY (NOLOCK) WHERE FILEENTRYID IN
(SELECT FILEENTRYID FROM DLFILEENTRYMETADATA (NOLOCK) WHERE FILEVERSIONID IN (123456))

Remove the file from Liferay document and media.
Ensure that all content/pages of the PDF file are in the same layout orientation throughout the file. All pages must either be in portrait or landscape orientation — the file cannot contain a mixture of portrait and landscape sizes.
Once you have verified that the pages are in the same orientation, save the PDF files using the Save as Optimized option via Adobe Acrobat Pro. This will compress the file size and remove unnecessary code for faster viewing.