Roles and Permissions in liferay

Roles and Permissions in Lifeary 

Role is a collection of permissions. In liferay, We can create role  and assign this particular role to any user. After assigning, this user will inherit all the assigned permisions. There are different kind of roles in liferay:

1) Regular Role

2) Organizaition Role

3) Site role

To define permissions of role (either you can create a separate role or you can modify existing role), Login with administrator user in liferay and go to CONTROL PANEL.

In left hand side panel (inside portal section), there is “Roles” menu. Click on this Roles, you can  see list of available roles in liferay portal.

Now, to see what actions are available, click on “Actions” button. After clicking you can see different options, such as:

Edit: lets you change the name, title or description of the role.

Permissions: allows you to define which users, user groups or roles have permissions to edit the role.

Define Permissions: defines what permissions this role grants. This is outlined in the next section.

Assign Members: lets you search and select users in the portal to be assigned to this role. These users will inherit any permissions that have been assigned to this role.

View Users: allows you to view the users who have been assigned to this role.

Now, lets see how to define permission for any role.

Click on “Define permissions”  menu. Liferay will redirect to Define permissions page where you can see portlets list and assigned permissions which have been already assigned to this role.

Now, suppose if we want to provide functionality to any organization user to add iframe on the page, we can do this by following steps: ,

Search that specific portlet (IFRAME) in “Add permission” drop down list. You can see that list  above of portlet list on the same page.

When you select portlet, it shows the list of permission which we can change. e.g Add to Page, Configurations, Permissions, View.  You can check/Uncheck permissions according to your requirement.  Check “Add to Page” and Save. Assign this role to any user.

Embedding highcarts in HDI

                                                                               Embedding highcarts in HDI


We can embed highcharts( in HDI (Helical Dashboard Insight).

To use highcharts, download latest version of highcharts. You can download from below mentioned link:

Here, I am embedding a simple highcharts. You can find highcharts example on

1)    EFW file:- Create one EFW extension file. EFW contain the Title, author, description, Template name, visibility of the Dashboard.

2)   HTML file:  Create one html extension file. HTML file contains html code and HDI components such as SELECT, CUSTOM SCRIPT, DATE PICKER etc. We are going to use custom component:

Html file will look like this:

// Highcharts SRC scripts url

<script src=””></script>

<script src=””></script>

<script src=””></script>

// Dummy htmlobject for scutom script (runScript)

<div id=”chartContainer”></div>

// htmlobject for rendering the highcharts

<div id=”realtimeGraph”  style=”height: 300px;”></div>

//Now we write script and define components


dashboard = Dashboard;

var runScript = {

name: “runScript”,

type: “custom”,

requestParameters :{

“m_name” : “m_name”,

“sDate” : “sDate”,

“eDate” : “eDate”,

“org_id” : “org_id”,

“timeZone”: “timeZone”,




listeners: [“m_name”,”sDate”,”eDate”],

htmlElementId: “#chartContainer”,

customScript: function(a,b){

$.getJSON(‘’, function (chartdata) {


chart: {

type: ‘arearange’,

zoomType: ‘x’


title: {

text: ‘Temperature variation by day’


xAxis: {

type: ‘datetime’


yAxis: {

title: {

text: null



tooltip: {

crosshairs: true,

shared: true,

valueSuffix: ‘°C’


legend: {

enabled: false


series: [{

name: ‘Temperatures’,

data: chartdata





executeAtStart: true


// Now create one array of initialized components:

var components = [runScript];

// Now initialize defined components.


#realtimeGraph: It is a div ID where highcarts will be renderd.

Here we go. You can see highcharts in your HDI reports.



Jasper Server External Database Authentication

                                                                 JasperServer External Database Authentication

Jasper Report Server can be configured to perform authentication and authorization using external table.

This kind of authentication can be used when an application is using any other database to store users, roles and organization data, and if it wants jasper server to sync-up data and create same users, roles and organization information what it has stored in database. It also can be used to set up environment for SSO.
We need to configure jasper server to use this authentication process.

Steps to configure Jasper server

Copy <JS_INSTALL>/samples/externalAuth-sample-config/sample-applicationContext-externalAuth-db.xml to /WEB-INF directory.

Rename copied file to applicationContext-externalAuth-db-mt.xml.
Now, edit and configure beans of applicationContext-externalAuth-db-mt.xml.

Find below mentioned bean tag and configure according to your requirement. This tag is used for database parameters. Here, I am using mysql for external database authentication.

<bean id=”externalDataSource” class=”org.springframework.jdbc.datasource.DriverManagerDataSource”>

        <property name=”driverClassName” value=”com.mysql.jdbc.Driver”/>

        <property name=”url” value=”jdbc:mysql://localhost:3306/jasper_external”/>

        <property name=”username” value=”user”/>

        <property name=”password” value=”****”/>

NOTE: For testing purpose, you can create same database structure as jasper server use for authentication.

Find “externalUserTenantDetailsService” bean tag and configure: E.g.

<bean id=”externalUserTenantDetailsService”    class=””>

        <property name=”dataSource” ref=”externalDataSource”/>

        <property name=”usersByUsernameAndTenantNameQuery” value=”SELECT u.username, u.password, t.org_name FROM h_users u LEFT JOIN organization t ON u.org_id = WHERE username =?”/>

        <property name=”authoritiesByUsernameQuery” value=”SELECT u.username, r.role_name FROM h_users u, user_role ur, role r WHERE = ur.user_id and and u.username = ?”/>

        <property name=”multiTenancyConfiguration”><ref bean=”multiTenancyConfiguration”/></property>


NOTE: You can change table name, column names but sequence of column should not be changed in written query. Here, you can see I am using h_users table (custom table) instead jiuser (which is used by jasperserver) and column names are also different e.g. role_name.
This bean is responsible for queries which will be executed by jasperserver to use authentication.

Retrieving roles from database:
Configure “mtExternalUserSetupProcessor” bean to map the external information to roles in jasperserver.
• defaultInternalRoles property – A list of internal roles assigned to the external user by default.
• organizationRoleMap property – A list of key/value pairs that maps external role names to internal ones.

For commercial JasperReports Server deployments, you need to choose the level at which the role is assigned:

• To map to an internal role at the organization level, append |* to the name of the internal role, for example, ROLE_EXTERNAL_USER|*. Roles mapped at the organization level do not have administrative privileges.
• To map to an internal role at the system (null) level, do not modify the internal role name, for example, ROLE_EXTERNAL_ADMINISTRATOR. Roles at the system level are usually reserved for special users such as the system administrator and allow access to the repository folder of all other organizations.

The following example shows how to configure organizationrolemap:

<property name=”organizationRoleMap”>
    <map>                <entry>                                <key>                                                <value>ROLE_ADMIN</value>






Restart Jasper server.






File locking provides a very simple yet incredibly useful mechanism for coordinating file accesses. Before I begin to lay out the details, let me fill you in on some file locking secrets:-

There are two types of locking mechanisms: mandatory and advisory.

– Mandatory systems will actually prevent read() and write() to file.

– There are two types of (advisory!) locks: read locks and write locks (also referred to as shared locks and exclusive locks, respectively.)


Here I am demonstrating READ-LOCK …

In  my  case , I want  to reduce CPU usage which  takes very  high CPU usage % in case of accessing Sqlite3  by  two  application simultaneously.

To solve  this problem  I  applied  lock  file  concept  to synchronizes  applications ,

I applied it for three different applications.


Steps followed while creating lock file:-


– Finalize  File Name (xyz.lock)

– Finalize  lock file  location

– Before running  application , check lock file is  present or not

if(getlock(lockfile)== 1) :: Lock file is not present

– If lock file is not present  then create  lock file

int lockstatus = setlock(lockfile);

– After  completion  of job  delete lock file


Removelock (lockfile)

– If  lock file is  present  then sleep  for  sometime then again check for lock file

– While creating lock file, handle unexpected application closing mechanism to avoid trouble when next time application needs to be run.


Note: Extension of lock file is (abc.lock)

Note: Remove lock file when application is forcefully terminating (ctrl + C)


(Example of lock file in c using semaphores : –  )


JSON – Brief Introduction

JSON stands for JavaScript Object is  lightweight .It gives us text-based open standard designed for human-readable  collection of data that we can access in a really logical manner.

It is used primarily to transmit data between a server and web application, as an alternative to XML.

Although originally derived from the JavaScript scripting language, JSON is a language-independent data format, and code for parsing and generating JSON data is readily available in a large variety of programming languages.


JSON is built on two structures:

A collection of name/value pairs. In various languages, this is realized as an object, record, struct, dictionary, hash table, keyed list, or associative array.

An ordered list of values. In most languages, this is realized as an array, vector, list, or sequence.



Steps to create json in java.

Jar files required for json







Put all the above jar files in WEB-INF/lib folder

create a class to create convert data into json

package com.helical.efw.json;

import java.util.List;

import java.util.Map;

import net.sf.json.JSONObject;

public class ConvertJson {


public void CommonJson(Map<String, List<Buble>> commonList)


String jsonString;

//Suppose in commonList data comming in this format

//{children=[{name=1, size=0.0000}, {name=2, size=0.0000},

//{name=3, size=0.4000}, {name=4, size=0.5882}, {name=5,


JSONObject json = new JSONObject();








Public class JsonProducer{

public static void main(String[] args) throws IOException {

ConvertJson cjson=new ConvertJson();



JSONObject is a class in which there are so many methods available.


JSONObject.accumulateAll(Map) :-It Accumulate values under a key

JSONObject.getJSONObject(java.lang.String key ):-we can get  get the JSONObject value associated with a key.