Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-77929

Password encryption scheme (algorithm name) is exported incorrectly to LDAP

    Details

    • Type: Bug
    • Status: Verified
    • Resolution: Unresolved
    • Affects Version/s: 7.0.0 DXP FP39, 7.0.X, 7.1.X, Master
    • Fix Version/s: None
    • Labels:

      Description

      Exporting users with encrypted password to LDAP can lead to authentication problems.

      Reproduction steps #1

      1. Setup Liferay with OpenLDAP. Ensure to enable SHA-256 (optionally SHA-384 or UFC-CRYPT) password encryption and "Export to LDAP"
      2. Add new user with password
      3. Log in with previously created user

      Expected result: Successful authentication.
      Actual result: Authentication failure.


      Reproduction steps #1

      1. Setup Liferay with ApacheDS. Ensure to enable UFC-CRYPT password encryption and "Export to LDAP"
      2. Add new user with password
      3. Check the exported user's encrypted password in LDAP

      Expected result: Password is prefixed with {CRYPT}.
      Actual result: Password is prefixed with {SSHA}.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Days since last comment:
                29 weeks ago

                Packages

                Version Package