[LPS-99556] Password is not exported to LDAP when adding a new user - Liferay Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Resolution: Fixed
Affects Version/s: 7.0.X, 7.1.X, 7.2.X, Master
Fix Version/s: 7.0.0 DXP FP86, 7.0.10.12 DXP SP12, 7.0.X, 7.1.10 DXP FP13, 7.1.X, 7.2.10 DXP FP2, 7.2.10.1 DXP SP1, 7.2.1 CE GA2, 7.2.X, 7.3.10 DXP GA1, Master
Component/s: Application Security > LDAP, User Management > Users & Organizations
Labels:

Branch Version/s:

7.2.x, 7.1.x, 7.0.x
Backported to Branch:

Committed
Fix Priority:
4
Git Pull Request:
https://github.com/brianchandotcom/liferay-portal/pull/76926
Bug Type:
Security

Description

toolReproduction steps:

In instance settings configure LDAP integration: add a LDAP server, enable LDAP integration and enable export.
Set log level of category "com.liferay.portal.security.ldap.internal.DefaultPortalLDAP" to DEBUG
Run this groovy script from server administration:

import com.liferay.portal.kernel.service.ServiceContext;
import com.liferay.portal.kernel.util.*

com.liferay.portal.kernel.service.UserLocalServiceUtil.addUser(
Long.parseLong(userInfo.get("liferay.user.id")),
Long.parseLong(userInfo.get("liferay.company.id")),
false,
"password",
"password",
false,
"usr",
"[email protected]",
0,
"",
LocaleUtil.SPAIN,
"firstName",
"middleName",
"lastName",
1,
1,
true,
6,
13,
1985,
"jobTitle",
[] as long[],
[] as long[],
[] as long[],
[] as long[],
false,
new ServiceContext()
)

Expected behavior:

In Liferay log one log trace has been written for password LDAP user attribute ('userPassword' attribute) and for each of the other LDAP user attributes exported.

2019-08-09 09:54:11.731 DEBUG [http-nio-8080-exec-3][DefaultPortalLDAP:729] LDAP user attribute cn: usr2
2019-08-09 09:54:11.732 DEBUG [http-nio-8080-exec-3][DefaultPortalLDAP:729] LDAP user attribute mail: [email protected]
2019-08-09 09:54:11.733 DEBUG [http-nio-8080-exec-3][DefaultPortalLDAP:729] LDAP user attribute title: jobTitle
2019-08-09 09:54:11.734 DEBUG [http-nio-8080-exec-3][DefaultPortalLDAP:729] LDAP user attribute givenName: firstName
2019-08-09 09:54:11.735 DEBUG [http-nio-8080-exec-3][DefaultPortalLDAP:722] LDAP user attribute userPassword: ********
2019-08-09 09:54:11.736 DEBUG [http-nio-8080-exec-3][DefaultPortalLDAP:729] LDAP user attribute sn: lastName

Actual behavior:

In Liferay log each attribute is logged except the password. The password has not been exported to LDAP:

2019-08-09 09:35:28.125 DEBUG [http-nio-8080-exec-7][DefaultPortalLDAP:729] LDAP user attribute cn: usr
2019-08-09 09:35:28.126 DEBUG [http-nio-8080-exec-7][DefaultPortalLDAP:729] LDAP user attribute mail: [email protected]
2019-08-09 09:35:28.127 DEBUG [http-nio-8080-exec-7][DefaultPortalLDAP:729] LDAP user attribute title: jobTitle
2019-08-09 09:35:28.128 DEBUG [http-nio-8080-exec-7][DefaultPortalLDAP:729] LDAP user attribute givenName: firstName
2019-08-09 09:35:28.133 DEBUG [http-nio-8080-exec-7][DefaultPortalLDAP:729] LDAP user attribute sn: lastName

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

log.png
110 kB
16/Aug/19 12:08 AM

Activity

People

Assignee:: Della Wang (Inactive)

Reporter:: Javier Moral

Participants of an Issue:: Della Wang, Javier Moral

Recent user:: Kiyoshi Lee

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 09/Aug/19 2:39 AM

Updated:: 09/Nov/20 4:34 PM

Resolved:: 13/Aug/19 11:46 AM

Days since last comment:: 3 years, 42 weeks, 4 days ago

Packages

Version	Package
7.0.0 DXP FP86
7.0.10.12 DXP SP12
7.0.X
7.1.10 DXP FP13
7.1.X
7.2.10 DXP FP2
7.2.10.1 DXP SP1
7.2.1 CE GA2
7.2.X
7.3.10 DXP GA1
Master