-
Type:
Bug
-
Status: Closed
-
Resolution: Inactive
-
Affects Version/s: 7.0.0 CE GA1, 7.0.1 CE GA2
-
Fix Version/s: None
-
Component/s: Application Security > NTLM
-
Labels:None
-
Fix Priority:3
Liferay6.2 ga6 works fine with Ntlm autentification, but Liferay 7 not
in Control Panel
1. create LDAP server configuration (make sure test connection is ok) and enable it
2. set NTLM settings
3. open http://localhsot:8080 url in IE browser
4. click 'Sign in' button
Actual result: login form is shown
Expected result: login success and show user name
Maybe I found the reason, but I don't sure about it:
I have debugging source code and found
liferay 6:
InvokerFilterChain._filters
filter order
...
com.liferay.portal.servlet.filters.sso.ntlm.NtlmFilter
...
com.liferay.portal.servlet.filters.autologin.AutoLoginFilter
...
liferay 7:
InvokerFilterChain._filters
filter order
...
com.liferay.portal.servlet.filters.autologin.AutoLoginFilter
...
com.liferay.portal.servlet.filters.sso.ntlm.NtlmFilter
...
So order of filters are different.
In liferay7
NtlmAutoLogin.java cannot get screenName , because NtlmFilter is not executed yet
String screenName = (String)request.getAttribute(NtlmWebKeys.NTLM_REMOTE_USER);
screenName is null
================================
Possible solution
Add new property to @Component
before-filter=Auto Login Filter
in the following class
https://github.com/liferay/liferay-portal/blob/7.0.x/modules/apps/foundation/portal-security-sso/portal-security-sso-ntlm/src/main/java/com/liferay/portal/security/sso/ntlm/internal/servlet/filter/NtlmFilter.java
It works for me locally, but I think it should be default configuration in official source code, otherwise NTLM doesn't work
Thanks for any help!