-
Type:
Bug
-
Status: Closed
-
Resolution: Fixed
-
Affects Version/s: 7.0.X, 7.1.X, Master
-
Fix Version/s: 7.0.0 DXP FP60, 7.0.0 DXP SP9, 7.0.X, 7.1.10 DXP FP3, 7.1.1 CE GA2, 7.1.10.1 SP1, 7.1.X, Master
-
Component/s: Application Security > LDAP
-
Branch Version/s:7.1.x, 7.0.x
-
Backported to Branch:Committed
-
Story Points:3
-
Fix Priority:4
-
Git Pull Request:
Steps to reproduce
- Start a Docker container with OpenLDAP installed.
docker run --name LPS-85179 --detach -p 389:389 holatuwol/liferayissue:LPS-85179 docker exec -u root LPS-85179 apt-get update docker exec -u root LPS-85179 apt-get install -yq ldap-utils docker exec LPS-85179 ldapmodify -x -c -D 'cn=admin,cn=config' -w admin -f /postmodify.ldif
- Set users.update.last.login=false in portal-ext.properties
- Start up Liferay and log in as the admin user
- Navigate to Control Panel > Configuration > Instance Settings
- Select the Authentication section and select the LDAP tab
- Choose the option to add an LDAP server
- Test the LDAP configuration
- Set the name to "localhost"
- Select the OpenLDAP radio button
- Change the Base DN to "dc=example,dc=org"
- Change the Principal to "cn=test,ou=people,dc=example,dc=org"
- Change the password to "test"
- Click on the "Test LDAP Connection" button
- Test the LDAP user import
- Click on the "Test LDAP Users" button
- Save the configuration
- Select the Authentication section and select the LDAP tab
- Check the "Enabled" checkbox, the "Required" checkbox, and the "Enable User Password on Import"
- Save the configuration, and double-check to make sure the settings took effect
- Open a new shell window, and run the following script. If not using the provided OpenLDAP server, update the value for -u accordingly.
while true do curl http://localhost:8080/api/jsonws/classname/fetch-class-name -u '[email protected]:test' -d 'value=com.liferay.portal.kernel.model.User' 2>&1 | grep 'Exception done
- Confirm that the script successfully runs successfully
- Open a new shell window, and run the above script again (essentially having two shell windows running the script in parallel)
Expected Result: No StaleObjectStateExceptions are thrown in the Liferay logs
Actual Results: StaleObjectStateExceptions are thrown in the Liferay logs
- causes
-
LPS-116250 Changing password to one that does not meet LDAP's password policy causes the user to be logged out
- Closed
- fixes
-
LPS-71590 LDAPUserImporter always updates user
- Closed