[LPS-45954] Unable to sign in or import users using both NTLM and LDAP - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Resolution: Fixed
Affects Version/s: 6.2.10 EE GA1, 6.2.X EE, 7.0.0 M3
Fix Version/s: 6.2.2 CE GA3 , 6.2.X EE, 7.0.0 M1
Component/s: Application Security, Application Security > LDAP, Application Security > NTLM, Security Vulnerability
Labels:

Branch Version/s:

6.2.x
Backported to Branch:

Committed
Story Points:
21
Git Pull Request:
https://github.com/hhuijser/liferay-portal/pull/1831

Description

Reproduced:

Master GitId: ad0625c4e353ad341e3866ed61b08d20b82e4dc6
Master GitId: bb726edf3bd52cf35e6c13933de76c1e536d0d33
Master GitId: 1870ac39b7e78a2a516095c781c1fba05b5dd5da
Master GitId: 4d39c26812dd0a6b521ae464f0f6db81d8e73c11
62x GitId: d3afab24b9a2a82076d9f3d9308e7f111755123e

Steps:
1. set the following portal-ext.properties:

jdbc.default.driverClassName=com.mysql.jdbc.Driver
jdbc.default.url=jdbc:mysql://localhost/trunk?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
jdbc.default.username=root
jdbc.default.password=liferay

#
# Company Auth
#
company.security.auth.type=screenName
passwords.encryption.algorithm.legacy=SHA
passwords.encryption.algorithm=SHA

#
# LDAP
#
ldap.auth.enabled=true
ldap.auth.password.encryption.algorithm=SHA

ldap.base.provider.url.0=ldap://192.168.232.143:389
ldap.base.dn.0=ou=User2,dc=windows2003,dc=ntlm
ldap.security.principal.0=cn=Administrator,cn=Users,dc=windows2003,dc=ntlm
ldap.security.credentials.0=liferay
ldap.auth.search.filter.0=([email protected][email protected])
ldap.contact.mappings.0=
ldap.contact.custom.mappings.0=
ldap.user.default.object.classes.0=top,person,inetOrgPerson,organizationalPerson
ldap.user.mappings.0=uuid=uuid\nscreenName=sAMAccountName\npassword=userPassword\nemailAddress=userPrincipalname\nfirstName=givenName\nlastName=sn\njobTitle=title\ngroup=groupMembership
ldap.user.custom.mappings.0=
ldap.group.default.object.classes.0=top,groupOfUniqueNames
ldap.group.mappings.0=groupName=cn\ndescription=description\nuser=uniqueMember
ldap.import.user.search.filter.0=(objectClass=User)
ldap.import.group.search.filter.0=(objectClass=groupOfUniqueNames)
ldap.users.dn.0=ou=User2,dc=windows2003,dc=ntlm
ldap.groups.dn.0=ou=User2,dc=windows2003,dc=ntlm

ntlm.auth.enabled=true
ntlm.auth.domain.controller=192.168.232.143
ntlm.auth.domain.controller.name=jc1
ntlm.auth.domain=windows2003
[email protected]
ntlm.auth.service.password=test

2. open up IE web browser to http://localhost:8080
3. click sign in for the NTLM prompt
4. use an LDAP/NTLM authenticated user, (example screenName: testtest)

Expected Results: In a new environment, the user testtest should be authenticated and automatically imported into the Liferay portal.

Actual Results: Receive the following exception:

ERROR [http-bio-8080-exec-4][AutoLoginFilter:261] Current URL /c/portal/login?p_l_id=10190 generates exception: com.liferay.portal.NoSuchUserException: No User exists with the key {companyId=10156, screenName=testtest}

Attachments

Issue Links

is related to

LPS-43909 NTLM is not working for IE11

Closed

relates

LPE-11832 Unable to sign in or import users using both NTLM and LDAP

Closed

Activity

People

Assignee:: Shitian "Shelton" Zhang (Inactive)

Reporter:: Jenny Chen

Participants of an Issue:: Jenny Chen, Shitian "Shelton" Zhang

Recent user:: Kiyoshi Lee

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 14/Apr/14 2:25 PM

Updated:: 02/Dec/15 4:30 AM

Resolved:: 24/Apr/14 1:38 PM

Days since last comment:: 8 years, 46 weeks, 6 days ago

Packages

Version	Package
6.2.2 CE GA3
6.2.X EE
7.0.0 M1