Type: Regression Bug
Affects Version/s: 7.2.X, Master
Component/s: Application Security > LDAP
Steps To Reproduce (Mostly taken from
- Start a Docker container with OpenLDAP installed and a password policy with history enabled.
- Start up Liferay and log in as the admin user
- Navigate to Control Panel > Configuration > Instance Settings > LDAP
- Under "General" enable "Enabled" and "Use LDAP Password Policy"
- Under "Export" enable "Enable Export"
- Under "Import" enable "Enable Import" and "Enable Import on Startup"
- Under "Server" add a server with the following details
  - Set the name to "localhost"
  - Select the OpenLDAP radio button
  - Change the Base DN to "dc=example,dc=org"
  - Change the Principal to "cn=test,ou=people,dc=example,dc=org"
  - Change the password to "test"
  - Click on the "Test LDAP Connection" button
- Test the LDAP user import
  - Click on the "Test LDAP Users" button
- Update the LDAP export configuration
  - Change the Users DN to "ou=people,dc=example,dc=org"
  - Change the User Default Object Classes to "top,person,organizationalPerson,inetOrgPerson"
  - Set the Groups DN to blank
- Save the configuration
- Wait for the users to be imported or restart the server to trigger it
- Sign in as email@example.com with the password "test"
- Navigate to My Account > Account Settings
- Change the password to "test1"
- Attempt to change the password but use an incorrect "Current Password" so the update fails
- Change the password to "test" using the correct "Current Password"
Expected Result: The password is not modified and an error message is shown to the user.
Actual Result: The user is logged out and sees the error "You do not have the roles required to access this portlet."
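
The first reproduction step depends on an OpenLDAP password policy that keeps history. A minimal ppolicy setup for the "dc=example,dc=org" tree follows, as an added example that is not part of the original ticket. The `cn=module{0}` and `olcDatabase={1}mdb` entry names, the `ou=policies` container and the history depth of 5 are assumptions to adjust for the container in use.

```ldif
# Part 1: server configuration (cn=config), applied with a config-level bind.
# On OpenLDAP 2.4 the ppolicy schema must already be loaded; 2.5+ ships it
# inside the module.

# Load the ppolicy overlay module (module entry name is an assumption).
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: ppolicy

# Attach the overlay to the database holding dc=example,dc=org
# (database entry name is an assumption) and point it at the default policy.
dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcPPolicyConfig
olcOverlay: ppolicy
olcPPolicyDefault: cn=default,ou=policies,dc=example,dc=org

# Part 2: directory data, applied with a bind that can write under
# dc=example,dc=org.

# Container for policy entries (name is an assumption).
dn: ou=policies,dc=example,dc=org
changetype: add
objectClass: organizationalUnit
ou: policies

# Default policy. pwdPolicy is an auxiliary class, so a structural class
# (device) carries the entry. pwdInHistory > 0 enables history: the server
# stores that many previous userPassword values per user and rejects a
# change that reuses one of them with a constraint violation.
dn: cn=default,ou=policies,dc=example,dc=org
changetype: add
objectClass: top
objectClass: device
objectClass: pwdPolicy
cn: default
pwdAttribute: userPassword
pwdInHistory: 5
pwdAllowUserChange: TRUE
```

With this policy in place, the final step (changing the password back to "test") reuses a value held in the user's history, which is the rejection the portal is expected to surface as an error message. Some ppolicy restrictions are not applied to operations performed as the rootdn, so the history check should be verified with a non-rootdn identity.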