Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-30569

User gets imported from LDAP with every login even when unchanged

        Details

        • Branch Version/s:
          6.1.x, 6.0.x
        • Backported to Branch:
          Committed
        • Story Points:
          8

          Description

          When user is logged in against LDAP server, import to Liferay DB is automatically triggered. This import is done only if needed, i.e. when modification date of the liferay user is different from modification date of LDAP entry.

          But the import seems to be processed everytime, when a non-blank password is used for login, see PortalLDAPImportedImpl.updateUser() around line 1103, look for:

          if (ldapUserModifiedDate.equals(user.getModifiedDate()) &&
          ldapUser.isAutoPassword()) {

            Activity

            Ascending order - Click to sort in descending order
            Hide
            Permalink
            sharry.shi Sharry Shi added a comment - - edited

            PASSED Manual Testing using the following steps:

            1. Enable the LDAP. I used Apacheds and JXplorer.
            2. Add a user named "user1" with password "test".
            3. Start Liferay bundle.
            4. Go to Control Panel > Server Administration > Log Levels > Add Category to add com.liferay.portal.security.ldap.PortalLDAPImporterImpl to ALL;
            5. Portal Setting > Authentication > LDAP, click Enable and Import Enable then Save.
            6. Click Add to add the ldap server, choose the Apache Directory Server, fill the Server Name as Test, fill in the necessary infos to make sure Connection is successfully.
            7. Fill in the necessary infos under Users to see the user in LDAP, now you can see test and user1 in the Test LDAP Users list. Then Save.
            8. Login as user1, modified the password to a.
            9. Logout, redo login as user1 with the original password test.

            Reproduced on:
            Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: 86b4ba82cb4ab5adc68719f7d7e333bee6825005.

            Only got a message like: " 08:38:49,604 DEBUG [http-bio-8080-exec-4][PortalLDAPImporterImpl:478] Adding user email-address" when the ldap user first login, re-login has no reminder in console.

            Fixed on:
            Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: fff9d62d3324e0b437c398348fe565d1d6f6bded.
            Tomcat 7.0 + MySQL 5. Portal 6.1.x.EE GIT ID: 137171a711bcc1d9168e5d809d2bf0867ef5055c.

            Got a message like: " 09:32:23,987 DEBUG [http-bio-8080-exec-14][PortalLDAPImporterImpl:1176] User email-address is already synchronized, but updated password to avoid a blank value" every time the ldap user login except the first time.

            Show
            sharry.shi Sharry Shi added a comment - - edited PASSED Manual Testing using the following steps: Enable the LDAP. I used Apacheds and JXplorer. Add a user named "user1" with password "test". Start Liferay bundle. Go to Control Panel > Server Administration > Log Levels > Add Category to add com.liferay.portal.security.ldap.PortalLDAPImporterImpl to ALL; Portal Setting > Authentication > LDAP, click Enable and Import Enable then Save. Click Add to add the ldap server, choose the Apache Directory Server, fill the Server Name as Test, fill in the necessary infos to make sure Connection is successfully. Fill in the necessary infos under Users to see the user in LDAP, now you can see test and user1 in the Test LDAP Users list. Then Save. Login as user1, modified the password to a. Logout, redo login as user1 with the original password test. Reproduced on: Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: 86b4ba82cb4ab5adc68719f7d7e333bee6825005. Only got a message like: " 08:38:49,604 DEBUG [http-bio-8080-exec-4] [PortalLDAPImporterImpl:478] Adding user email-address" when the ldap user first login, re-login has no reminder in console. Fixed on: Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: fff9d62d3324e0b437c398348fe565d1d6f6bded. Tomcat 7.0 + MySQL 5. Portal 6.1.x.EE GIT ID: 137171a711bcc1d9168e5d809d2bf0867ef5055c. Got a message like: " 09:32:23,987 DEBUG [http-bio-8080-exec-14] [PortalLDAPImporterImpl:1176] User email-address is already synchronized, but updated password to avoid a blank value" every time the ldap user login except the first time.
            Hide
            Permalink
            edward.gonzales Edward Gonzales (Inactive) added a comment -

            Hello! We plan to remove "Authentication" from the component field from issues that have more than 1 component. This issue has been identified as a candidate. It is recommended that you update any affected filters. Thanks!

            Show
            edward.gonzales Edward Gonzales (Inactive) added a comment - Hello! We plan to remove "Authentication" from the component field from issues that have more than 1 component. This issue has been identified as a candidate. It is recommended that you update any affected filters. Thanks!
            Hide
            Permalink
            sharry.shi Sharry Shi added a comment -

            We are no longer testing 6.0.X, so closing as "Fixed".

            Show
            sharry.shi Sharry Shi added a comment - We are no longer testing 6.0.X, so closing as "Fixed".

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  2 years, 36 weeks, 6 days ago

                  Development

                    Subcomponents