Details

    • Branch Version/s:
      6.1.x, 6.0.x
    • Backported to Branch:
      Committed
    • Story Points:
      8
    • Similar Issues:
      Show 5 results 

      Description

      When user is logged in against LDAP server, import to Liferay DB is automatically triggered. This import is done only if needed, i.e. when modification date of the liferay user is different from modification date of LDAP entry.

      But the import seems to be processed everytime, when a non-blank password is used for login, see PortalLDAPImportedImpl.updateUser() around line 1103, look for:

      if (ldapUserModifiedDate.equals(user.getModifiedDate()) &&
      ldapUser.isAutoPassword()) {

        Activity

        Hide
        Sharry Shi added a comment - - edited

        PASSED Manual Testing using the following steps:

        1. Enable the LDAP. I used Apacheds and JXplorer.
        2. Add a user named "user1" with password "test".
        3. Start Liferay bundle.
        4. Go to Control Panel > Server Administration > Log Levels > Add Category to add com.liferay.portal.security.ldap.PortalLDAPImporterImpl to ALL;
        5. Portal Setting > Authentication > LDAP, click Enable and Import Enable then Save.
        6. Click Add to add the ldap server, choose the Apache Directory Server, fill the Server Name as Test, fill in the necessary infos to make sure Connection is successfully.
        7. Fill in the necessary infos under Users to see the user in LDAP, now you can see test and user1 in the Test LDAP Users list. Then Save.
        8. Login as user1, modified the password to a.
        9. Logout, redo login as user1 with the original password test.

        Reproduced on:
        Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: 86b4ba82cb4ab5adc68719f7d7e333bee6825005.

        Only got a message like: " 08:38:49,604 DEBUG [http-bio-8080-exec-4][PortalLDAPImporterImpl:478] Adding user email-address" when the ldap user first login, re-login has no reminder in console.

        Fixed on:
        Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: fff9d62d3324e0b437c398348fe565d1d6f6bded.
        Tomcat 7.0 + MySQL 5. Portal 6.1.x.EE GIT ID: 137171a711bcc1d9168e5d809d2bf0867ef5055c.

        Got a message like: " 09:32:23,987 DEBUG [http-bio-8080-exec-14][PortalLDAPImporterImpl:1176] User email-address is already synchronized, but updated password to avoid a blank value" every time the ldap user login except the first time.

        Show
        Sharry Shi added a comment - - edited PASSED Manual Testing using the following steps: Enable the LDAP. I used Apacheds and JXplorer. Add a user named "user1" with password "test". Start Liferay bundle. Go to Control Panel > Server Administration > Log Levels > Add Category to add com.liferay.portal.security.ldap.PortalLDAPImporterImpl to ALL; Portal Setting > Authentication > LDAP, click Enable and Import Enable then Save. Click Add to add the ldap server, choose the Apache Directory Server, fill the Server Name as Test, fill in the necessary infos to make sure Connection is successfully. Fill in the necessary infos under Users to see the user in LDAP, now you can see test and user1 in the Test LDAP Users list. Then Save. Login as user1, modified the password to a. Logout, redo login as user1 with the original password test. Reproduced on: Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: 86b4ba82cb4ab5adc68719f7d7e333bee6825005. Only got a message like: " 08:38:49,604 DEBUG [http-bio-8080-exec-4] [PortalLDAPImporterImpl:478] Adding user email-address" when the ldap user first login, re-login has no reminder in console. Fixed on: Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: fff9d62d3324e0b437c398348fe565d1d6f6bded. Tomcat 7.0 + MySQL 5. Portal 6.1.x.EE GIT ID: 137171a711bcc1d9168e5d809d2bf0867ef5055c. Got a message like: " 09:32:23,987 DEBUG [http-bio-8080-exec-14] [PortalLDAPImporterImpl:1176] User email-address is already synchronized, but updated password to avoid a blank value" every time the ldap user login except the first time.
        Hide
        Edward Gonzales added a comment -

        Hello! We plan to remove "Authentication" from the component field from issues that have more than 1 component. This issue has been identified as a candidate. It is recommended that you update any affected filters. Thanks!

        Show
        Edward Gonzales added a comment - Hello! We plan to remove "Authentication" from the component field from issues that have more than 1 component. This issue has been identified as a candidate. It is recommended that you update any affected filters. Thanks!
        Hide
        Sharry Shi added a comment -

        We are no longer testing 6.0.X, so closing as "Fixed".

        Show
        Sharry Shi added a comment - We are no longer testing 6.0.X, so closing as "Fixed".

          People

          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:
              Days since last comment:
              1 year, 32 weeks, 6 days ago

              Development

                Structure Helper Panel