Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-57166

Logging in via CAS and accepting terms of use redirects user to blank page

    Details

      Description

      Steps to Reproduce

      1. Start a Docker container with a pre-built "cas.war" that allows HTTP service providers.
        docker run --name LPS-57166 -p 8443:8443 holatuwol/liferayissue:LPS-57166
        
      2. Navigate to https://localhost:8443/cas and confirm that you can login as the default CAS user, username "casuser", password "Mellon"
      3. Copy "thekeystore" from the container to the Tomcat folder for your Tomcat bundle.
        cd /path/to/catalina/home
        docker cp LPS-57166:/etc/cas/thekeystore .
        
      4. Open "setenv.sh" for your Tomcat bundle and update CATALINA_OPTS to accept the certificates in the CAS keystore.
        CATALINA_OPTS="${CATALINA_OPTS} -Djavax.net.ssl.trustStore=${CATALINA_HOME}/thekeystore -Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStoreType=jks"
        
      5. Start up Liferay and log in as the admin user
      6. Navigate to Control Panel > Configuration > Instance Settings
      7. Select the Authentication section
      8. Update the configuration to login by screen name and save the configuration
      9. Select the Authentication section, and click on the CAS tab
      10. Update the form fields to be the following, and click on the Test CAS Configuration button to confirm that all values pass:
        1. Login URL: https://localhost:8443/cas/login
        2. Logout URL: https://localhost:8443/cas/logout
        3. Server Name: http://localhost:8080
        4. Server URL: https://localhost:8443/cas
        5. Service URL: http://localhost:8080/c/portal/login
        6. No Such User Redirect URL: http://localhost:8080
      11. Check the "Enabled" checkbox and save the configuration.
      12. Create a new user with the screen name "casuser" (all other fields do not matter)
      13. Open a New Incognito window and click on the Sign In link
      14. Sign in as the default CAS user, username "casuser", password "Mellon"
      15. Accept the Terms of Use

      Note: After the error, you will need to delete the casuser and recreate them in order to reproduce the error again. If you are signed out and need to login as the test user, you will need to access the login portlet directly via http://localhost:8080/?p_p_id=com_liferay_login_web_portlet_LoginPortlet&p_p_state=maximized

      The issue is that the session is now invalidated after login, which means the check for a CAS_LOGIN session attribute added in LPS-28432 no longer works.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                3 years, 39 weeks ago

                Packages

                Version Package
                7.0.0 Beta 3
                7.0.0 DXP FP35
                7.0.0 DXP SP7
                7.0.5 CE GA6
                7.0.X
                7.1.0 M1
                7.1.0 M2
                Master