-
Type:
Technical Task
-
Status: Closed
-
Priority:
Critical
-
Resolution: Won't Fix
-
Affects Version/s: 6.1.0 CE RC1
-
Fix Version/s: None
-
Component/s: Accessibility, Application Security > LDAP, Security Vulnerability
-
Environment:same as umbrella, OpenLDAP in Mac OS X Server 10.6.8
Hello,
I have setup Liferay and configured an LDAP server
1) Go to Control Panel -> Server Settings -> Authentication
2) Configure LDAP server
3) In portal-ext.properties I have set: ldap.import.user.password.enabled=true
4) I have enabled LDAP but not required
5) I have disabled "Use LDAP password policy"
6) When I login with a user from LDAP, Liferay asks to set a new password.
According to the docs in portal.properties:
#
- Set this to false when the LDAP user's password should not be imported.
#
ldap.import.user.password.enabled=true
So I would expect Liferay not to ask for a new password, since it should import the password from LDAP.
If I select "Use LDAP password policy" it seems to work, but then I can create a user in Liferay only (a user that does not have an LDAP account) because I get the following stack trace:
08:38:54,348 ERROR [render_portlet_jsp:154] java.lang.NullPointerException
at com.liferay.portal.security.pwd.PasswordPolicyToolkit.generateDynamic(PasswordPolicyToolkit.java:164)
at com.liferay.portal.security.pwd.PasswordPolicyToolkit.generate(PasswordPolicyToolkit.java:76)
at com.liferay.portal.security.pwd.PwdToolkitUtil._generate(PwdToolkitUtil.java:56)
at com.liferay.portal.security.pwd.PwdToolkitUtil.generate(PwdToolkitUtil.java:32)
at com.liferay.portal.service.impl.UserLocalServiceImpl.completeUserRegistration(UserLocalServiceImpl.java:1441)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:112)
at com.liferay.portal.spring.transaction.TransactionInterceptor.invoke(TransactionInterceptor.java:71)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:59)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:59)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:59)
at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
at com.liferay.portal.spring.aop.ServiceBeanAopProxy.invoke(ServiceBeanAopProxy.java:211)
at com.liferay.portal.service.UserLocalServiceUtil.completeUserRegistration(UserLocalServiceUtil.java:868)
at com.liferay.portlet.directory.workflow.UserWorkflowHandler.updateStatus(UserWorkflowHandler.java:70)
at com.liferay.portal.kernel.workflow.WorkflowHandlerRegistryUtil.startWorkflowInstance(WorkflowHandlerRegistryUtil.java:125)
at com.liferay.portal.kernel.workflow.WorkflowHandlerRegistryUtil.startWorkflowInstance(WorkflowHandlerRegistryUtil.java:155)
at com.liferay.portal.service.impl.UserLocalServiceImpl.addUserWithWorkflow(UserLocalServiceImpl.java:803)
Alex