-
Type:
Bug
-
Status: Closed
-
Resolution: Fixed
-
Affects Version/s: 7.1.X
-
Fix Version/s: 7.1.10 DXP FP10, 7.1.10.2 SP2, 7.1.3 CE GA4, 7.1.X, Master
-
Component/s: Application Security > OpenID Connect
-
Branch Version/s:7.1.x
-
Backported to Branch:Committed
-
Fix Priority:3
-
Git Pull Request:
Description
Authenticating via an OpenID Connect provider redirects the user to localhost:8080. However this is not a valid URL if the application server (Tomcat in this case) has been modified to run the portal in a /portal context (using localhost:8080/portal as the new landing page).
The likely cause of the issue stems from this code: https://github.com/liferay/liferay-portal/blob/master/modules/apps/portal-security-sso/portal-security-sso-openid-connect-impl/src/main/java/com/liferay/portal/security/sso/openid/connect/internal/OpenIdConnectServiceHandlerImpl.java#L299
Steps to reproduce
1. In a clean Liferay bundle
2. Navigate to tomcat/webapps
3. Rename the "ROOT" folder "portal"
4. Navigate to tomcat/conf/Catalina/localhost
5. Rename "ROOT.xm"l to "portal.xml"
6. Start the bundle
7. Deploy the internal openid connect config file into the /liferay_home/osgi/configs directory
8. Navigate to Control Panel> Configuration> System Settings -> Foundation -> OpenID Connect (or search for OpenID Connect)
9. Check the Enabled checkbox and hit save
10. Open an incognito window and navigate to the site localhost:8080/portal
11. Go to Sign-in
12. Click on the OpenID Connect link
13. Select the provider, click Sign In
14. Authenticate on the provider
Results of Testing
Expected Result: The user will be redirected back to http://localhost:8080/portal....
Actual Result: The user is redirected to http://localhost:8080/c/portal/.....
Master
Reproduced: ccce04c16fe8a18f62e4d8ce0631b65f6ac56ef3
Branch
Reproduced:e15a1a4eccddec8f40d57332235644ecfaa54f97