Uploaded image for project: 'PUBLIC - Liferay Portal Enterprise Edition'
  1. PUBLIC - Liferay Portal Enterprise Edition
  2. LPE-16956

Strangers can always create an account using SSO authentication (Open SSO)

Details

    • 3
    • 6.5
    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

    Description

      In Liferay DXP 7.1 and DXP 7.0, SSO authentication does not respect the setting, "Allow strangers to create accounts?" If SSO authentication is enabled, users who authenticate using Facebook, Google, OpenID, OpenID Connect or OpenSSO can create an account even if strangers are not allowed to create accounts.

      Attachments

        Activity

          People

            support-ee EE Support
            tibor.lipusz Tibor Lipusz
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Packages

                Version Package
                7.0.X EE
                7.1.x EE