alvarosaugarlr · alvarosaugarlr · Nov 6, 2024 · Nov 7, 2024 · Nov 15, 2024 · Nov 15, 2024
diff --git a/...ser-test/src/testIntegration/java/com/liferay/user/service/test/UserLocalServiceTest.java b/...ser-test/src/testIntegration/java/com/liferay/user/service/test/UserLocalServiceTest.java
@@ -71,8 +71,10 @@
 import com.liferay.portal.kernel.util.HashMapDictionaryBuilder;
 import com.liferay.portal.kernel.util.LinkedHashMapBuilder;
 import com.liferay.portal.kernel.util.ListUtil;
+import com.liferay.portal.kernel.util.LocaleUtil;
 import com.liferay.portal.kernel.util.OrderByComparator;
 import com.liferay.portal.kernel.util.PortletKeys;
+import com.liferay.portal.kernel.util.Validator;
 import com.liferay.portal.kernel.util.comparator.UserLastLoginDateComparator;
 import com.liferay.portal.kernel.workflow.WorkflowConstants;
 import com.liferay.portal.security.audit.AuditMessageProcessor;
@@ -148,6 +150,37 @@ public void tearDown() throws Exception {
 		_bundleActivator.stop(_bundleContext);
 	}
 
+	@Test
+	public void testAddUserWithEmptyPassword() throws Exception {
+		User user = _userLocalService.addUser(
+			0, TestPropsValues.getCompanyId(), true, StringPool.BLANK,
+			StringPool.BLANK, false, RandomTestUtil.randomString(),
+			RandomTestUtil.randomString() + "@liferay.com", LocaleUtil.US,
+			RandomTestUtil.randomString(), RandomTestUtil.randomString(),
+			RandomTestUtil.randomString(), 0, 0, true, 1, 1, 1970,
+			StringPool.BLANK, UserConstants.TYPE_REGULAR, new long[0],
+			new long[0], new long[0], new long[0], false,
+			ServiceContextTestUtil.getServiceContext(
+				TestPropsValues.getCompanyId(), TestPropsValues.getGroupId(),
+				TestPropsValues.getUserId()));
+
+		Assert.assertTrue(Validator.isNull(user.getPassword()));
+
+		user = _userLocalService.addUser(
+			0, TestPropsValues.getCompanyId(), false, "test", "test", false,
+			RandomTestUtil.randomString(),
+			RandomTestUtil.randomString() + "@liferay.com", LocaleUtil.US,
+			RandomTestUtil.randomString(), RandomTestUtil.randomString(),
+			RandomTestUtil.randomString(), 0, 0, true, 1, 1, 1970,
+			StringPool.BLANK, UserConstants.TYPE_REGULAR, new long[0],
+			new long[0], new long[0], new long[0], false,
+			ServiceContextTestUtil.getServiceContext(
+				TestPropsValues.getCompanyId(), TestPropsValues.getGroupId(),
+				TestPropsValues.getUserId()));
+
+		Assert.assertTrue(Validator.isNotNull(user.getPassword()));
+	}
+
 	@Test
 	public void testAuthenticateByEmailAddress() throws Exception {
 		User user = UserTestUtil.addUser();
@@ -1035,7 +1068,20 @@ public void testUpdatePasswordWithModifiedAlgorithm() throws Exception {
 					"_PASSWORDS_ENCRYPTION_ALGORITHM",
 					"PBKDF2WithHmacSHA1/160/720000")) {
 
-			User user = UserTestUtil.addUser();
+			String password = RandomTestUtil.randomString(
+				UniqueStringRandomizerBumper.INSTANCE);
+
+			User user = _userLocalService.addUser(
+				0, TestPropsValues.getCompanyId(), false, password, password,
+				false, RandomTestUtil.randomString(),
+				RandomTestUtil.randomString() + "@liferay.com", LocaleUtil.US,
+				RandomTestUtil.randomString(), RandomTestUtil.randomString(),
+				RandomTestUtil.randomString(), 0, 0, true, 1, 1, 1970,
+				StringPool.BLANK, UserConstants.TYPE_REGULAR, new long[0],
+				new long[0], new long[0], new long[0], false,
+				ServiceContextTestUtil.getServiceContext(
+					TestPropsValues.getCompanyId(),
+					TestPropsValues.getGroupId(), TestPropsValues.getUserId()));
 
 			String encryptedPassword = user.getPassword();
 
@@ -1046,7 +1092,7 @@ public void testUpdatePasswordWithModifiedAlgorithm() throws Exception {
 				PasswordEncryptorUtil.class, "_PASSWORDS_ENCRYPTION_ALGORITHM",
 				"MD5");
 
-			String password = RandomTestUtil.randomString(
+			password = RandomTestUtil.randomString(
 				UniqueStringRandomizerBumper.INSTANCE);
 
 			user = _userLocalService.updatePassword(

diff --git a/portal-impl/src/com/liferay/portal/service/impl/UserLocalServiceImpl.java b/portal-impl/src/com/liferay/portal/service/impl/UserLocalServiceImpl.java
@@ -271,9 +271,12 @@ public User addDefaultAdminUser(
 
 		boolean passwordReset = _isPasswordReset(companyId);
 
+		boolean sendEmail = false;
+
 		if (Validator.isNull(password)) {
 			autoPassword = true;
 			passwordReset = true;
+			sendEmail = true;
 		}
 
 		boolean autoScreenName = false;
@@ -315,7 +318,6 @@ public User addDefaultAdminUser(
 		long[] roleIds = {adminRole.getRoleId(), powerUserRole.getRoleId()};
 
 		long[] userGroupIds = null;
-		boolean sendEmail = false;
 		ServiceContext serviceContext = new ServiceContext();
 
 		Company company = _companyLocalService.getCompany(companyId);
@@ -1216,10 +1218,23 @@ public User addUserWithWorkflow(
 			autoScreenName, screenName, emailAddress, null, firstName,
 			middleName, lastName, organizationIds, locale);
 
-		if (!autoPassword &&
-			(Validator.isNull(password1) || Validator.isNull(password2))) {
+		if (Validator.isNull(password1)) {
+			if (!autoPassword) {
+				throw new UserPasswordException.MustNotBeNull(userId);
+			}
+			else if (Validator.isNotNull(password2)) {
+				throw new UserPasswordException.MustNotBeChanged(userId);
+			}
+		}
+		else if (Validator.isNull(password2)) {
+			if (!autoPassword) {
+				throw new UserPasswordException.MustNotBeNull(userId);
+			}
 
-			throw new UserPasswordException.MustNotBeNull(userId);
+			throw new UserPasswordException.MustNotBeChanged(userId);
+		}
+		else if (autoPassword) {
+			throw new UserPasswordException.MustNotBeChanged(userId);
 		}
 
 		if (autoScreenName) {
@@ -1881,10 +1896,8 @@ public void checkPasswordExpired(User user) throws PortalException {
 	 * the confirmation email.
 	 *
 	 * @param user the user
-	 * @param serviceContext the service context to be applied. You can specify
-	 *        an unencrypted custom password for the user via attribute
-	 *        <code>passwordUnencrypted</code>. You automatically generate a
-	 *        password for the user by setting attribute
+	 * @param serviceContext the service context to be applied. You
+	 *        automatically generate a password for the user by setting attribute
 	 *        <code>autoPassword</code> to <code>true</code>. You can send a
 	 *        confirmation email to the user by setting attribute
 	 *        <code>sendEmail</code> to <code>true</code>.
@@ -1898,8 +1911,6 @@ public void completeUserRegistration(
 			serviceContext, "autoPassword");
 
 		if (autoPassword) {
-			String password = StringPool.BLANK;
-
 			if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
 				if (_log.isWarnEnabled()) {
 					_log.warn(
@@ -1912,23 +1923,20 @@ public void completeUserRegistration(
 
 				RegExpToolkit regExpToolkit = new RegExpToolkit();
 
-				password = regExpToolkit.generate(null);
-			}
-			else {
-				password = PwdToolkitUtil.generate(
-					_passwordPolicyLocalService.getPasswordPolicy(
-						user.getCompanyId(), user.getOrganizationIds()));
-			}
+				String password = regExpToolkit.generate(null);
 
-			serviceContext.setAttribute("passwordUnencrypted", password);
+				serviceContext.setAttribute("passwordUnencrypted", password);
 
-			PasswordModificationThreadLocal.setPasswordModified(true);
-			PasswordModificationThreadLocal.setPasswordUnencrypted(password);
+				PasswordModificationThreadLocal.setPasswordModified(true);
+				PasswordModificationThreadLocal.setPasswordUnencrypted(
+					password);
+
+				user.setPassword(PasswordEncryptorUtil.encrypt(password));
+				user.setPasswordEncrypted(true);
+				user.setPasswordUnencrypted(password);
+			}
 
-			user.setPassword(PasswordEncryptorUtil.encrypt(password));
-			user.setPasswordEncrypted(true);
 			user.setPasswordModifiedDate(new Date());
-			user.setPasswordUnencrypted(password);
 			user.setPasswordModified(true);
 
 			user = userPersistence.update(user);

diff --git a/portal-impl/src/com/liferay/portal/servlet/filters/autologin/AutoLoginFilter.java b/portal-impl/src/com/liferay/portal/servlet/filters/autologin/AutoLoginFilter.java
@@ -53,9 +53,8 @@ protected String getLoginRemoteUser(
 		}
 
 		String jUserName = credentials[0];
-		String jPassword = credentials[1];
 
-		if (Validator.isNull(jUserName) || Validator.isNull(jPassword)) {
+		if (Validator.isNull(jUserName)) {
 			return null;
 		}
 
@@ -82,19 +81,25 @@ protected String getLoginRemoteUser(
 
 		httpSession.setAttribute("j_username", jUserName);
 
-		// Not having access to the unencrypted password will not allow you to
-		// connect to external resources that require it (mail server)
+		String jPassword = credentials[1];
 
-		if (GetterUtil.getBoolean(credentials[2])) {
-			httpSession.setAttribute("j_password", jPassword);
-		}
-		else {
-			httpSession.setAttribute(
-				"j_password",
-				PasswordEncryptorUtil.encrypt(jPassword, user.getPassword()));
+		if (Validator.isNotNull(jPassword)) {
 
-			if (PropsValues.SESSION_STORE_PASSWORD) {
-				httpSession.setAttribute(WebKeys.USER_PASSWORD, jPassword);
+			// Not having access to the unencrypted password will not allow you
+			// to connect to external resources that require it (mail server)
+
+			if (GetterUtil.getBoolean(credentials[2])) {
+				httpSession.setAttribute("j_password", jPassword);
+			}
+			else {
+				httpSession.setAttribute(
+					"j_password",
+					PasswordEncryptorUtil.encrypt(
+						jPassword, user.getPassword()));
+
+				if (PropsValues.SESSION_STORE_PASSWORD) {
+					httpSession.setAttribute(WebKeys.USER_PASSWORD, jPassword);
+				}
 			}
 		}