Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-121821

Email verification process breaks redirection chain

Details

    Description

      When requesting a private page or other secure resource on portal, the user is redirected to login. The login page is requested with a "redirect" parameter used to return to the aforementioned secure resource.

      However if signing in requires the user to verify their email address, this redirect parameter is lost, causing the user to get redirected to http://localhost:8080/c which in turn returns them to the last access public resource (LAST_PATH).

      The issue was likely introduced in LPS-37924.

      1) Start the server, login as Admin
      2) Create a new page e.g. /testpage and remove the VIEW permission for Guest user on it
      3) Create a new user e.g. user1 and set its password
      4) Ensure that the portal instance is configured to require users to verify their email address
      5) Configure the server SMTP settings in Server Administration
      6) Open incognito and paste/go to this URL in the address bar: http://localhost:8080/web/guest/testpage
      7) A Login prompt will appear, enter the credentials of the new user user1
      8) Accept the terms
      9) The user should now be prompted to verify their email address. Complete this process.
      10) Liferay may prompt for other things depending on the version, complete as necessary

       Expected result: The user logged in and redirected to http://localhost:8080/web/guest/testpage

       Actual result: The user is redirected to http://localhost:8080/web/guest

       

      Tip: Python has a handy way to easily run a SMTP server on the localhost 

      python -m smtpd -n -c DebuggingServer localhost:1025

      Attachments

        Issue Links

          Activity

            People

              della.wang Della Wang (Inactive)
              stian.sigvartsen Stian Sigvartsen
              Kiyoshi Lee Kiyoshi Lee
              Stian Sigvartsen Stian Sigvartsen
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                1 year, 50 weeks, 6 days ago

                Packages

                  Version Package
                  7.3.10 DXP FP1
                  7.3.10.1 DXP SP1
                  7.4.13 DXP GA1
                  Master