Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-33950

Required HTTPS SSL Authentication fails when accessing through unsecure port

    Details

      Description

      Description
      When enforcing https authentication for portal security on ports other than 80/443, the login will fail when attempting to login through an unsecure port. (default 8080)

      Steps to Reproduce
      1) Configure a SSL environment. For my testing I used Tomcat:
      http://www.liferay.com/group/customer/kbase/-/knowledge_base/article/14406628

      2) Place the property 'company.security.auth.requires.https=true' into portal-ext.properties

      3) Connect Liferay 6.0 SP1 to empty database. This should also set the portal at 'localhost' for its virtual host.

      4) Navigate to 'http://localhost:8080' - Log in fails.

      5) Navigating to 'https://localhost:8443' - After accepting certificate - Log in works.

      When attempting to enforce https authentication while accessing the unsecure port (8080), the login fails.

      When using ports 80/443, the authentication works correctly. The URL however is formatted differently in that 80/443 are not present.

        Attachments

          Activity

            People

            Assignee:
            james.lefeu James Lefeu (Inactive)
            Reporter:
            alexander.chau Alex Chau
            Participants of an Issue:
            Recent user:
            Esther Sanz
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              7 years, 22 weeks, 3 days ago

                Packages

                Version Package
                6.0.12 EE