Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-102148

LDAP credentials are altered when you return to edit a saved LDAP Server in the UI

    Details

      Description

      After setting up an LDAP server in the UI, if you go back to edit it, Liferay somehow changes your principal's credentials, even without your intervention. This becomes an issue when you edit other configurations in the LDAP server, because now you have to remember to re-input the password. I believe the reason is that when Liferay obfuscates the password, it changes it to a different password, so when you click on Save, the password is now incorrect.

      To get Liferay to successfully connect again, you have to re-input the principal's credentials.

      Steps to Reproduce
      1. Go to Control Panel -> Instance Settings -> Click on LDAP
      2. Setup an LDAP server, verify that it connects successfully, then Save
      3. Go back and click on Edit on the LDAP server you made in Step 2
      4. Click on "Test LDAP Connection" - it should successfully connect
      5. Click on Save
      6. Once again, click on Edit on the LDAP server you made in Step 2
      7. Click on "Test LDAP Connection"

      Result: Liferay will fail to connect to your LDAP
      Expected: It should successfully connect

      This issues does not occur if you click on Cancel in Step 5 below

      Errors

      2019-09-23 22:02:00.101 WARN  [http-nio-8080-exec-2][DefaultPortalLDAP:184] Unable to bind to the LDAP server
      javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580_] [Sanitized]
      	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3154)
      	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100)
      	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2886)
      	at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2800)
      	at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
      	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
      	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
      	at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
      	at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
      	at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
      	at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
      	at javax.naming.InitialContext.init(InitialContext.java:244)
      	at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
      	at com.liferay.portal.security.ldap.internal.DefaultPortalLDAP.getContext(DefaultPortalLDAP.java:180)
      	at com.liferay.portal.settings.authentication.ldap.web.internal.util.PortalLDAPUtil.getContext(PortalLDAPUtil.java:55)
      	at org.apache.jsp.com_liferay_portal_settings_web.test_005fldap_005fconnection_jsp._jspService(test_005fldap_005fco
      ...
      

      Testing
      Reproduced on 7.2.x, September 23, 2019, from http://cloud-10-50-0-165/builds/branches/
      Reproduced on master, September 23, 2019, from http://cloud-10-50-0-165/builds/branches/

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                della.wang Della Wang
                Reporter:
                christopher.lui Christopher Lui
                Participants of an Issue:
                Recent user:
                Clarissa Velazquez
                Engineering Assignee:
                Joshua Cords
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  39 weeks, 2 days ago

                  Packages

                  Version Package
                  7.0.0 DXP FP91
                  7.0.X
                  7.1.10 DXP FP18
                  7.1.X
                  7.2.10 DXP FP5
                  7.2.10.2 DXP SP2
                  7.2.X
                  7.3.0 CE GA1
                  Master