Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-116250

Changing password to one that does not meet LDAP's password policy causes the user to be logged out

    Details

      Description

      Steps To Reproduce (Mostly taken from LPS-76332)

      1. Start a Docker container with OpenLDAP installed and a password policy with history enabled.
        docker run --name LPS-76332 --detach -p 389:389 holatuwol/liferayissue:LPS-76332
        docker exec LPS-76332 ldapmodify -x -c -D 'cn=admin,cn=config' -w admin -f /postmodify.ldif
        
      2. Start up Liferay and log in as the admin user
      3. Navigate to Control Panel > Configuration > Instance Settings > LDAP
      4. Under "General" enable "Enabled" and "Use LDAP Password Policy"
      5. Under "Export" enable "Enable Export"
      6. Under "Import" enable "Enable Import" and "Enable Import on Startup"
      7. Under "Server" add a server with the following details
        1. Set the name to "localhost"
        2. Select the OpenLDAP radio button
        3. Change the Base DN to "dc=example,dc=org"
        4. Change the Principal to "cn=test,ou=people,dc=example,dc=org"
        5. Change the password to "test"
        6. Click on the "Test LDAP Connection" button
      8. Test the LDAP user import
        1. Click on the "Test LDAP Users" button
      9. Update the LDAP export configuration
        1. Change the Users DN to "ou=people,dc=example,dc=org"
        2. Change the User Default Object Classes to "top,person,organizationalPerson,inetOrgPerson"
        3. Set the Groups DN to blank
      10. Save the configuration
      11. Wait for the users to be imported or restart the server to trigger it
      12. Sign in as test2@liferay.com with the password "test"
      13. Navigate to My Account > Account Settings
      14. Change the password to "test1"
      15. Attempt to change the password but use an incorrect "Current Password" so the update fails
      16. Change the password to "test" using the correct "Current Password"

      Expected Results
      The password is not modified and an error message is shown to the user.

      Actual Results
      The user is logged out and sees the error "You do not have the roles required to access this portlet."

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                della.wang Della Wang
                Reporter:
                jonathan.mccann Jonathan McCann
                Participants of an Issue:
                Recent user:
                Jason Pince
                Engineering Assignee:
                Jonathan McCann
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  5 weeks, 5 days ago

                  Packages

                  Version Package
                  7.2.10 DXP FP7
                  7.2.X
                  7.3.4 CE GA5
                  Master