Resolution: Won't Fix
Affects Version/s: 6.0.12 EE
Fix Version/s: 6.0.12 EE
Environment:LIFERAY VERSION: 6.0 SP1
OPERATING SYSTEM: Other Linux Distribution
APPLICATION SERVER: JBoss 5.1
JAVA VIRTUAL MACHINE: Java 6
DATABASE: SQL Server 2008
When enforcing https authentication for portal security on ports other than 80/443, the login will fail when attempting to login through an unsecure port. (default 8080)
Steps to Reproduce
1) Configure a SSL environment. For my testing I used Tomcat:
2) Place the property 'company.security.auth.requires.https=true' into portal-ext.properties
3) Connect Liferay 6.0 SP1 to empty database. This should also set the portal at 'localhost' for its virtual host.
4) Navigate to 'http://localhost:8080' - Log in fails.
5) Navigating to 'https://localhost:8443' - After accepting certificate - Log in works.
When attempting to enforce https authentication while accessing the unsecure port (8080), the login fails.
When using ports 80/443, the authentication works correctly. The URL however is formatted differently in that 80/443 are not present.