Details

    • Branch Version/s:
      6.0.x
    • Backported to Branch:
      Committed
    • Liferay Contributor's Agreement:
      Accept
    • Similar Issues:
      Show 4 results 

      Description

      Sometimes a person may not want Liferay to import an LDAP user's password into it's database.

      An improvement would be to allow the portal admin to choose whether to save the user's LDAP password when they login or not.

        Issue Links

          Activity

          Hide
          Jonas Yuan added a comment -

          This would be a good feature.

          Here I recommend adding following properties in portal.properties - especially in LDAP section.

          1. Set this to true if the portal does import LDAP user's password.
          2. Set this to false if the portal does not import LDAP user's password;
            ldap.import.user.password.enabled=true
          1. Set this to false if LDAP user's password is not auto-generated;
          2. This property is in use only if the property ldap.import.user.password.enabled is set to false.
            ldap.import.user.password.autogenerated=false
          1. use default password as LDAP user's password: $SCREENNAME$, $USERID$, $EMAILADDRESS$, or plain text.
          2. This property is in use only if the property ldap.import.user.password.enabled is set to false
          3. and the property ldap.import.user.password.auto-generated is set to false, too.
            ldap.import.user.password.default=test

          Is this feature useful? Your suggestions?

          Thanks

          Jonas Yuan

          Show
          Jonas Yuan added a comment - This would be a good feature. Here I recommend adding following properties in portal.properties - especially in LDAP section. Set this to true if the portal does import LDAP user's password. Set this to false if the portal does not import LDAP user's password; ldap.import.user.password.enabled=true Set this to false if LDAP user's password is not auto-generated; This property is in use only if the property ldap.import.user.password.enabled is set to false. ldap.import.user.password.autogenerated=false use default password as LDAP user's password: $SCREENNAME$, $USERID$, $EMAILADDRESS$, or plain text. This property is in use only if the property ldap.import.user.password.enabled is set to false and the property ldap.import.user.password.auto-generated is set to false, too. ldap.import.user.password.default=test Is this feature useful? Your suggestions? Thanks Jonas Yuan
          Hide
          Jonas Yuan added a comment -

          a fix patch for revision 66876.

          Jonas Yuan

          Show
          Jonas Yuan added a comment - a fix patch for revision 66876. Jonas Yuan
          Hide
          Jonas Yuan added a comment -

          this feature got implemented. See attached patch and suggestions.

          Show
          Jonas Yuan added a comment - this feature got implemented. See attached patch and suggestions.
          Show
          Jonas Yuan added a comment - Details have been addressed at http://www.liferay.com/web/jonas.yuan/blog/-/blogs/keeping-user-password-secure-with-ldap-integration
          Hide
          Pani Gui (Inactive) added a comment -

          PASSED Manual Testing using the following steps:
          1. Add following properties in portal-ext.properties file.
          ldap.import.user.password.enabled=false
          ldap.import.user.password.autogenerated=false
          ldap.import.user.password.default=aaa
          2. Start liferay.
          3. Configure LDAP settings.
          4. Try to login as LDAP user using original password and the property default password.

          Reproduced on:
          Tomcat 6.0 + MySQL 5. Firefox 4.0.1. 6.0.5 CE.
          The LDAP user can use the original password, so the user's password is also imported from LDAP. The property default password doesn't work for the user.

          Fixed on:
          Tomcat 6.0 + MySQL 5. Firefox 4.0.1. 6.0.x Revision 80845.
          Tomcat 6.0 + MySQL 5. Firefox 4.0.1. 6.1.x Revision 80737.
          The LDAP user can't use the original password and only can use the property default password, to explain liferay doesn't import user's password from LDAP.

          Show
          Pani Gui (Inactive) added a comment - PASSED Manual Testing using the following steps: 1. Add following properties in portal-ext.properties file. ldap.import.user.password.enabled=false ldap.import.user.password.autogenerated=false ldap.import.user.password.default=aaa 2. Start liferay. 3. Configure LDAP settings. 4. Try to login as LDAP user using original password and the property default password. Reproduced on: Tomcat 6.0 + MySQL 5. Firefox 4.0.1. 6.0.5 CE. The LDAP user can use the original password, so the user's password is also imported from LDAP. The property default password doesn't work for the user. Fixed on: Tomcat 6.0 + MySQL 5. Firefox 4.0.1. 6.0.x Revision 80845. Tomcat 6.0 + MySQL 5. Firefox 4.0.1. 6.1.x Revision 80737. The LDAP user can't use the original password and only can use the property default password, to explain liferay doesn't import user's password from LDAP.

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                4 years, 15 weeks, 3 days ago

                Development

                  Structure Helper Panel