PUBLIC - Liferay Portal Community Edition
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-32773

CAS integration (and possibly other auto login hooks) does not work when Live Users enabled.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Resolution: No Longer Reproducible
    • Affects Version/s: 6.1.1 CE GA2, 6.2.0 CE B2
    • Fix Version/s: 6.2.0 CE RC1
    • Component/s: Util, Util > Login portlet
    • Labels:
      None
    • Environment:
      Liferay portal 6.1.1 CE GA2 bundled with Tomcat 7.0.27; Jasig CAS; MySQL; Windows 7.
    • Fix Priority:
      5
    • Similar Issues:
      Show 2 results 

      Description

      After enabling Live Users Tracking, I cannot authenticate with CAS server. Steps to reproduce this bug:

      1. Set live.users.enabled to true in portal-ext.properties
      2. Start Tomcat
      3. Click on "Log in" link -> you are redirected to CAS login form
      4. Enter existing account credentials -> CAS performs successfull authentication and sends you back to Liferay with proper ticket contained within URL
      5. Liferay displays standard login form -> user is not authenticated!

      Piece of code responsible for this bug comes from AutoLoginFilter.java (line 94):

      else if (PropsValues.LIVE_USERS_ENABLED) {
      	UserTracker userTracker =
      		UserTrackerLocalServiceUtil.fetchUserTracker(userId);
      
      	if ((userTracker == null) &&
      		(session.getAttribute(WebKeys.USER) == null)) { // This condition is always true and forces to leave getLoginRemoteUser method prematurely
      
      		session.invalidate();
      
      		return null;
      	}
      }
      

      When users tracking is disabled everything works fine.

        Activity

        Hide
        Krzysztof Gołębiowski added a comment -

        Forgot to mention that Jasig CAS version is 3.5.1

        Show
        Krzysztof Gołębiowski added a comment - Forgot to mention that Jasig CAS version is 3.5.1
        Hide
        Edward Gonzales added a comment -

        Hello! We plan to remove "Authentication" from the component field from issues that have more than 1 component. This issue has been identified as a candidate. It is recommended that you update any affected filters. Thanks!

        Show
        Edward Gonzales added a comment - Hello! We plan to remove "Authentication" from the component field from issues that have more than 1 component. This issue has been identified as a candidate. It is recommended that you update any affected filters. Thanks!
        Hide
        Mika Koivisto added a comment -

        The code problematic code is no longer in AutoLoginFilter and CAS login works correctly.

        Show
        Mika Koivisto added a comment - The code problematic code is no longer in AutoLoginFilter and CAS login works correctly.

          People

          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:
              Days since last comment:
              1 year, 23 weeks, 3 days ago

              Development

                Structure Helper Panel