Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-129496

AuthVerifier configurations are not working when portal is running under a custom context

Details

    Description

      To change the root context

      1. Rename ROOT to portal under TOMCAT_HOME/webapps
      2. Rename ROOT.xml to portal.xml under TOMCAT_HOME/conf/localhost
      3. Delete temp and work folders under TOMCAT_HOME
      4. Start portal and log in http://localhost:8080/portal/

      Scenario 1

      1. Change the root context
      2. Go to http://localhost:8080/portal/api/jsonws
      3. Select an arbitrary endpoint to invoke
      4. Open the web console
      5. Add the necessary params and click Invoke

      Expected result: service invocation returns with HTTP 200
      Actual result: service invocation returns HTTP 403 Forbidden

      Scenario 2

      1. Start portal
      2. Create a new vocabulary and put a category in it.
      3. Start creating a new document.
        Checkpoint: in the form, expand the Categorization section. You see stuff there, among others the vocabulary you created.
      4. Go to the site settings and expand the same section.
        Checkpoint: same here, you can see various fields there.
      5. Stop the server and change the root context as shown above
      6. Try again steps 3 and 4

      Result: the Categorization section is completely empty, there's nothing there. If you open the web console > Network tab, you can see HTTP 403 for certain API calls.

      Workaround

      1. Go to System Settings > Portal Session Auth Verifier (or create com.liferay.portal.security.auth.verifier.internal.portal.session.configuration.PortalSessionAuthVerifierConfiguration-default.config)
      2. Edit the URLs Include field and append "/portal" to each of the URLs
      3. Do the same for the other Auth Verifiers for consistency.

      Important: the configuration changes must be removed when the final fix for this issue is installed.

      Attachments

        Issue Links

          Activity

            People

              gabor.lovas Gábor Lovas
              marcell.gyopos Marcell Gyöpös (Inactive)
              Marta Elicegui Marta Elicegui
              Arthur Chen Arthur Chen
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                1 year, 33 weeks, 3 days ago

                Packages

                  Version Package
                  7.3.7 CE GA8
                  7.3.10 DXP FP2
                  7.3.X
                  7.4.0 CE GA1 DXP 7,4
                  7.4.13 DXP GA1
                  Master