Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-43991

passwordModifiedDate is updated during LDAP import which affects Liferay Default Password Policy

    Details

      Description

      Steps:
      1. sign in as [email protected]
      2. navigate to Control Panel > Users & Organizations, create a new user, [email protected]
      3. navigate to Control Panel > Password Policies > Edit Default Password Policy
      4. check Expiration Enabled (two weeks minimum), set a Grace Limit
      5. assign [email protected] to the password policy
      6. shut down the server, and modify the database to have two weeks or more depending on the Expiration set

      update user_ set passwordModifiedDate='2014-01-19 17:48:56' where emailAddress like '[email protected]';
      

      7. restart the server, sign in as [email protected], should now be notified to reset user password

      --------------------

      Default LDAP Environment:

      #
      # LDAP
      #
      ldap.auth.enabled=true
      #ldap.import.enabled=true
      #ldap.export.enabled=true
      
      #
      # Apache Directory Server
      #
      ldap.base.provider.url.0=ldap://192.168.232.132:10389
      ldap.base.dn.0=ou=users,ou=system
      ldap.security.principal.0=uid=admin,ou=system
      ldap.security.credentials.0=secret
      ldap.auth.search.filter.0=([email protected][email protected])
      ldap.contact.mappings.0=
      ldap.contact.custom.mappings.0=
      ldap.user.default.object.classes.0=top,person,inetOrgPerson,organizationalPerson
      ldap.user.mappings.0=screenName=cn\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn
      ldap.user.custom.mappings.0=
      ldap.group.default.object.classes.0=top,groupOfUniqueNames
      ldap.group.mappings.0=groupName=cn\nuser=uniqueMember
      ldap.import.user.search.filter.0=(objectClass=person)
      ldap.import.group.search.filter.0=(objectClass=groupOfUniqueNames)
      ldap.users.dn.0=ou=users,ou=system
      ldap.groups.dn.0=ou=groups,ou=system
      

      ----------

      Tests:

      SCENARIO #1: No LDAP environment, user signs in
      Behavior: updatePassword() never triggers and the modified date stays the same,
      This is Actual and Expected Behavior.

      SCENARIO #2: No LDAP environment, user updates their password
      Behavior: updatePassword() triggers and the modified date is changed, silentUpdate = false
      This is Actual and Expected Behavior.

      SCENARIO #3: Default LDAP environment, user signs in and and triggers an import
      Actual Behavior: updatePassword() triggers and the modified date is changed, silentUpdate = true

      SCENARIO #4: Default LDAP environment with export enabled, user updates password in Liferay to update LDAP server
      Actual Behavior on Initial User Sign-In/Import: updatePassword() triggers, modified date is set, silentUpdate = true
      Actual Behavior on Initial User Sign-In Password Reset: updatePassword() triggers and the modified date is changed, silentUpdate = false (updatePassword() no longer triggers if signing in with reset password, related to LPS-43971)
      Actual Behavior on Password Update: updatePassword() triggers and the modified date is changed, silentUpdate = false (pending fix for LPS-43971)
      Actual Behavior on User Sign-In: updatePassword() triggers and the modified date is changed, silentUpdate = true

      SCENARIO #5: Default LDAP environment with export enabled, user creation
      Behavior: updatePassword() never triggers and modified date is set upon user creation, user is also exported properly into LDAP server
      This is Actual and Expected Behavior.

      --------------------

      Expected Behavior: updatePassword() triggers and modified date is only changed when silentUpdate = false; during initial user creation for import, modified date should be set if null

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              yunlin.sun Yunlin "Steven" Sun
              Reporter:
              jenny.chen Jenny Chen
              Participants of an Issue:
              Recent user:
              Esther Sanz
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                7 years, 40 weeks, 3 days ago

                  Packages

                  Version Package
                  6.1.X EE
                  6.2.X EE
                  7.0.0 M1