Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-121821

Email verification process breaks redirection chain

    Details

      Description

      When requesting a private page or other secure resource on portal, the user is redirected to login. The login page is requested with a "redirect" parameter used to return to the aforementioned secure resource.

      However if signing in requires the user to verify their email address, this redirect parameter is lost, causing the user to get redirected to http://localhost:8080/c which in turn returns them to the last access public resource (LAST_PATH).

      The issue was likely introduced in LPS-37924.

      1) Start the server, login as Admin
      2) Create a new page e.g. /testpage and remove the VIEW permission for Guest user on it
      3) Create a new user e.g. user1 and set its password
      4) Ensure that the portal instance is configured to require users to verify their email address
      5) Configure the server SMTP settings in Server Administration
      6) Open incognito and paste/go to this URL in the address bar: http://localhost:8080/web/guest/testpage
      7) A Login prompt will appear, enter the credentials of the new user user1
      8) Accept the terms
      9) The user should now be prompted to verify their email address. Complete this process.
      10) Liferay may prompt for other things depending on the version, complete as necessary

       Expected result: The user logged in and redirected to http://localhost:8080/web/guest/testpage

       Actual result: The user is redirected to http://localhost:8080/web/guest

       

      Tip: Python has a handy way to easily run a SMTP server on the localhost 

      python -m smtpd -n -c DebuggingServer localhost:1025

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              della.wang Della Wang (Inactive)
              Reporter:
              stian.sigvartsen Stian Sigvartsen
              Participants of an Issue:
              Recent user:
              Ricardo Couso
              Engineering Assignee:
              Stian Sigvartsen
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                48 weeks, 3 days ago

                  Packages

                  Version Package
                  7.3.10 DXP FP1
                  7.3.10.1 DXP SP1
                  Master