Enterprise Collaboration with Liferay
Onward to Apache Land
Install Apache as described by your Linux vendor, or go to the /opt/install directory and untar the Apache source:
tar -zxvf httpd-2.2.4.tar.gz
See the Apache server documentation  for more on building Apache from source. Keep in mind that your web server will need to access Java functionality through Apache Tomcat. The mod_jk module facilitates communication between the Apache web server and Tomcat. Create a workers.properties file for mod_jk:
A sample file is shown in Listing 3. Next, place the mod_jk apache module
cp /opt/install/ mod_jk-1.2.25-httpd-2.2.4.so / opt/apache2/modules/mod_jk.so
and edit the httpd.conf file:
vi /opt/apache2/ conf/httpd.conf
Make sure and set the user and groups for Apache to run under to user "apache" and group "apache." Also, don't forget the ServerAdmin directive. Add the following lines in with the other include directives:
# Include mod_jk Include /opt/apache2/conf/mod_jk.conf
Now, create the config file for the tomcat connector
and create the default vhost configuration file. Make a directory in which to put vhosts:
and create the vhost file.
Listing 4 is a default vhost that kicks anything that doesn't fit another vhost over to a w3 (intranet) site.
01 workers.tomcat_home=/opt/liferay-4.4.2 02 workers.java_home=/opt/tools/java/jdk1.6.0_02 03 ps=/ 04 worker.list=ajp13 05 worker.ajp13.port=8009 06 worker.ajp13.host=localhost 07 worker.ajp13.type=ajp13 08 worker.ajp13.lbfactor=1 09 worker.loadbalancer.type=lb 10 worker.loadbalancer.balanced_workers=ajp13 11 worker.inprocess.type=jni 12 worker.inprocess.class_path=$(workers.tomcat_home)$(ps)lib$(ps)tomcat.jar 13 worker.inprocess.cmd_line=start 14 worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout 15 worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
01 NameVirtualHost 192.168.25.129 02 <VirtualHost 192.168.25.129> 03 ServerName nonexist.testdomain.com 04 RedirectPermanent / http://w3.testdomain.com 05 DocumentRoot /opt/apache2/htdocs 06 </VirtualHost> 07 <VirtualHost 192.168.25.129> 08 ServerName w3.testdomain.com 09 ServerAdmin email@example.com 10 DocumentRoot /opt/liferay-4.4.2/webapps/ROOT 11 UseCanonicalName Off 12 ErrorLog /var/log/w3-error.log 13 CustomLog /var/log/w3-access.log combined 14 HostnameLookups On 15 16 <Directory "/opt/liferay-4.4.2/webapps/ROOT"> 17 Options Indexes FollowSymLinks 18 SetOutputFilter Deflate 19 #Order Deny,Allow 20 Deny from all 21 </Directory> 22 23 <IfDefine SSL> 24 SSLEngine off 25 </IfDefine> 26 27 <Location "/WEB-INF/*"> 28 deny from all 29 </Location> 30 31 <Location "/META-INF/*"> 32 deny from all 33 </Location>
Remember to change your IP address to match your server's IP address. The Jkmount directives tell Apache what to get from Tomcat.
Note that every vhost-- even the ones handled with Liferay – must have an entry in Apache's config. This entry ensures that any weird hostname that might be requested will go directly to the default page. This will also prevent users from adding their own vhosted domains without having access to the Apache configs.
So that Apache looks for this file instead of the default vhost config, edit http.conf by replacing:
# Virtual hosts Include conf/extra/httpd-vhosts.conf
# Virtual hosts Include /opt/apache2/conf/vhosts/*.conf
Now set up Apache as a service:
chkconfig --add apache2 chkconfig apache2 on
and bounce Apache and Tomcat:
service apache2 restart service liferay restart
You should now be able to access Liferay through w3.testdomain.com (replace testdomain with your domain). You must have a DNS record for w3 pointing to the proper IP address (or an entry in your hosts file).
Setting up Your Site
If you are configuring Liferay to act as an intranet portal on an actual production network, you'll probably want to tie Liferay to your organization's user database. On our network, Liferay uses an Active Directory server for authenticating users. Other approaches are also possible depending on the structure of your network. Consult the Life-ray user forums or your favorite search engine. Because authentication techniques vary, this article will not cover the topic, but keep in mind that one of the principal benefits of Liferay is to create communities of users within the network for the purpose of sharing content, and this process works best when it is tied into the network's existing user database.
Once you have logged into the system, add the Communities Portlet by mousing over the Welcome button in the upper right corner of the page (Figure 1), selecting Add Application in the toolbar on the left, and selecting Community | Communities (add) (Figure 2). Use this portlet to create a community for each department.
Next, assign members to communities by browsing to the All Communities tab and selecting Actions | Assign Members, select the User Groups tab and then the Available tab, then select the user group you want to map to the community. Commit the changes with the Update Associations button. Do this for every community except for Guest.
Add the Enterprise Admin portlet to the home page and select the >> button. Select the Settings tab and fill in the following information: Name and Mail Domain. Next, go to the Default User Associations tab and list the Guest community in the Community Names box (Figure 3). This will ensure that all users can browse the Guest community pages while they are logged in. Commit your changes with the Save button.
After you have installed Liferay and organized the space into user communities, it is easy to add new content pages to the site. Go back to the home page and mouse over the Welcome button and select the Manage Pages option (Figure 4). You can create a public or private page for any of the Liferay communities. Next, mouse over the Welcome button and go to My Places. From here, you can edit the layout of each community's site structure.
Liferay is a big, complex system. Just getting Liferay installed and working is the first and largest hurdle. After that, you can easily use Liferay as a central, reasonably secure approach to collaboration and information dissemination.
Buy this article as PDF
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.