[LPS-109784] Basic Authentication doesn't work with path: /c/document_library/get_file - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Resolution: Fixed
Affects Version/s: 7.1.10 DXP FP16, 7.1.X, 7.2.10 DXP FP4, 7.2.X, Master
Fix Version/s: 7.1.10 DXP FP18, 7.1.10.5 SP5, 7.1.X, 7.2.10 DXP FP5, 7.2.10.2 DXP SP2, 7.2.X, 7.3.10 DXP GA1, Master
Component/s: Application Security > Auto Login, Documents & Media
Labels:

Branch Version/s:

7.2.x, 7.1.x
Backported to Branch:

Committed
Fix Priority:
3
Git Pull Request:
https://github.com/brianchandotcom/liferay-portal/pull/86585

Description

Reproduction steps:
1) Start Liferay
2) Upload a file with no Guest permission
3) Go to Control Panel -> System Settings -> Security -> API Authentication -> Auto Login Basic Authentication Header
Check Enabled then Save
4) Get the document's uuid and the site's groupId and replace them in the following curl command:

curl --location --request GET 'http://localhost:8080/c/document_library/get_file?uuid=3f42f6d3-8bb1-2a13-1b18-728c3f5c575c&groupId=20127' \
--header 'Accept: application/pdf ' \
--header 'Authorization: Basic dGVzdEBsaWZlcmF5LmNvbTp0ZXN0'

You emailaddress and password should be: test@liferay.com test
5) Execute the above command

Result: The file cannot be accessed.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

error.png
131 kB
25/Mar/20 10:17 PM

Activity

People

Assignee:: Della Wang

Reporter:: Istvan Sajtos

Participants of an Issue:: Della Wang, Istvan Sajtos

Recent user:: Yunlin "Steven" Sun

Engineering Assignee:: Istvan Sajtos

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 04/Mar/20 6:00 AM

Updated:: 17/Dec/20 12:40 AM

Resolved:: 07/Apr/20 10:52 PM

Days since last comment:: 41 weeks, 1 day ago

Packages

Version	Package
7.1.10 DXP FP18
7.1.10.5 SP5
7.1.X
7.2.10 DXP FP5
7.2.10.2 DXP SP2
7.2.X
7.3.10 DXP GA1
Master