Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-40581

Liferay tries to authenticate multiple times to LDAP if it's unsuccessful at first and when LDAP is set up via properties



      Reproduction Steps

      1 - Start an LDAP (I used ApacheDS, but Microsoft AD is also good to test with; the point is that you should be able to track the number of failed logons)
      2 - Set up LDAP connection in the portal-ext.properties (NOT the Control Panel!) - please see attached ldap.properties
      3 - Try to log in with a user with an incorrect password
      4 - In the LDAP, note that Liferay tried to authenticate the user multiple times, not only once!


      • In AD, you can see this if you go to the User in question, right click -> Properties -> Attribute Editor -> BadPwdCount
      • In ApacheDS, you will see as many pwdFailtureTime attribute(s) as the number of failed logons
      • Attribute pwdFailtureTime should be looked up within that user object with which you tried to log in by using an incorrect password; ApacheDS creates this attribute implicitly
      • For reproducing with ApacheDS, place remove directory APACHEDS_HOME/instances/default and restore my data from default.zip
      • Example user I used during testing was: cn=dvader,ou=users,dc=support,dc=liferay,dc=com
      • The issue isn't Oracle specific, you can use any RDBMS of your choice


        1. ApacheDS.png
          171 kB
        2. default.zip
          1018 kB
        3. ldap.properties
          2 kB



            • Assignee:
              mark.jin Mark Jin (Inactive)
              laszlo.csontos Laszlo Csontos (Inactive)
              Participants of an Issue:
              Recent user:
              Esther Sanz
            • Votes:
              0 Vote for this issue
              0 Start watching this issue


              • Created:
                Days since last comment:
                6 years, 51 weeks, 3 days ago


                Version Package
                6.1.X EE
                6.2.0 CE RC3