Issue
- Users imported from LDAP are able to log in with the value defined in the "Default User Password" field under the LDAP import/export settings.
Environment
- Liferay DXP 7.0
Resolution
- Liferay allows LDAP users to log in using the value defined in the "Default User Password" field. This is the intended behavior of Liferay.
- Why is this the intentional design of Liferay?
In the Import/Export options of LDAP, if the "Enable Import" option is checked, the user's attribute values are imported from the LDAP server into Liferay's database according to the mapped attributes. For password import, Liferay provides the following three out-of-the-box (OOTB) options:
1) Enable User Password on Import
2) Autogenerate User Password on Import
3) Default User Password
Liferay has to use one of these options to import the password into its connected database. If the 1st and 2nd options are not checked, it uses the 3rd option, i.e. "Default User Password".
Additional Information
- Note: Liferay never allows a user to log in if that user's record in the Liferay database has no password or an empty password.
1) Enable User Password on Import
Imports the user password from the LDAP server into the Liferay database, i.e. the password is the same in both the Liferay database and the LDAP server.
2) Autogenerate User Password on Import
Instead of importing the user password from the LDAP server, Liferay autogenerates a password, which is then imported for the user in the Liferay database.
3) Default User Password
This option defines the password to import into the Liferay database. It is the same for all users who authenticate to Liferay from LDAP.