Affects Version/s: 7.0.0 M7
Steps to Reproduce
- Start a Docker container with a pre-built "cas.war" that allows HTTP service providers.
- Navigate to https://localhost:8443/cas and confirm that you can log in as the default CAS user, username "casuser", password "Mellon".
- Copy "thekeystore" from the container to the Tomcat folder for your Tomcat bundle.
- Open "setenv.sh" for your Tomcat bundle and update CATALINA_OPTS to accept the certificates in the CAS keystore.
- Start up Liferay and log in as the admin user
- Navigate to Control Panel > Configuration > Instance Settings
- Select the Authentication section
- Update the configuration to login by screen name and save the configuration
- Select the Authentication section, and click on the CAS tab
- Update the form fields to be the following, and click on the Test CAS Configuration button to confirm that all values pass:
- Check the "Enabled" checkbox and save the configuration.
- Create a new user with the screen name "casuser" (all other fields do not matter)
- Open a New Incognito window and click on the Sign In link
- Sign in as the default CAS user, username "casuser", password "Mellon"
Note: After the error, you will need to delete the casuser and recreate them in order to reproduce the error again. If you are signed out and need to log in as the test user, you will need to access the login portlet directly via http://localhost:8080/?p_p_id=com_liferay_login_web_portlet_LoginPortlet&p_p_state=maximized
The issue is that the session is now invalidated after login, which means the check for a CAS_LOGIN session attribute added in LPS-28432 no longer works.
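
The failure described above, as an added example that is not Liferay's code: a minimal in-memory model of session renewal at login, in which the CAS_LOGIN attribute is lost unless it is explicitly carried over to the new session. The `Session` class, `renew` and `isCasLogin` are hypothetical names, and the attribute value is a constructed sample.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.UUID;

// Added example: minimal in-memory model of a servlet-style session.
// All class and method names here are hypothetical, not Liferay's code.
public class SessionRenewalDemo {

    static final String CAS_LOGIN = "CAS_LOGIN"; // attribute name from the ticket

    static class Session {
        final String id = UUID.randomUUID().toString();
        final Map<String, Object> attributes = new HashMap<>();
        boolean valid = true;
    }

    // Renew the session at login (session fixation defence). Only attributes
    // named in carryOver survive; the rest are dropped with the old session.
    static Session renew(Session old, Set<String> carryOver) {
        Session fresh = new Session();
        for (String name : carryOver) {
            Object value = old.attributes.get(name);
            if (value != null) {
                fresh.attributes.put(name, value);
            }
        }
        old.attributes.clear();
        old.valid = false;
        return fresh;
    }

    // The post-login check: was this login performed through CAS?
    static boolean isCasLogin(Session session) {
        return session.valid && session.attributes.containsKey(CAS_LOGIN);
    }

    public static void main(String[] args) {
        Session beforeLogin = new Session();
        beforeLogin.attributes.put(CAS_LOGIN, "casuser"); // constructed sample value
        Session lost = renew(beforeLogin, Set.of());
        System.out.println("no carry-over:   " + isCasLogin(lost));
        Session second = new Session();
        second.attributes.put(CAS_LOGIN, "casuser");
        Session kept = renew(second, Set.of(CAS_LOGIN));
        System.out.println("with carry-over: " + isCasLogin(kept)
            + ", new id: " + !kept.id.equals(second.id));
    }
}
```

Carrying over an explicit allowlist keeps the session ID rotation intact while preserving only the state the post-login check depends on.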