Details

    • Type: Service Pack Request Service Pack Request
    • Status: Closed Closed (View Workflow)
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: 3.4.7, 4.0
    • Fix Version/s: 4.1.1
    • Component/s: CIFS
    • Labels:
      None
    • ACT Numbers:

      15024-39825

      Description

      When an account is disabled the expected behavior is that the access would be forbiden whatever the access protocol is. If disabled the account is not accessible through HTTP as expected but accessible through CIFS. FTP is blocked as expected. It should be the same for all protocols.

      How to reproduce:

      -Install an AOB 4.0.x version.
      -Activate CIFS
      -Create an user in SHARE (would be the same with JSF client).
      -Check that you can access using CIFS and SHARE using the newly created user.
      -Deactivate the newly created detail usin SHARE UI (got to user details and check "disable account").

      • Try to log in SHARE using the disabled user. As expected you can't.
        -Try to mount an "alfreso" drive using CIFS and the disabled user, it works, you can still access Alfresco. The expected result is that you would be blocked, it is not the case.
      1. screen1.png
        102 kB
      2. screen2.png
        27 kB

        Issue Links

          Activity

          Hide
          Mark Rogers added a comment -

          r34478

          Added a new method to the PersonService (isEnabled)

          Reworked EnterpriseCifsAuthenticator to check the person is enabled.
          Also overhauled the logging and corrected the exception handling.

          Reworked the logging in PassthruCifsAuthenticator.

          Show
          Mark Rogers added a comment - r34478 Added a new method to the PersonService (isEnabled) Reworked EnterpriseCifsAuthenticator to check the person is enabled. Also overhauled the logging and corrected the exception handling. Reworked the logging in PassthruCifsAuthenticator.
          Hide
          Alfresco QA Team added a comment -

          The issue is reproduced on Alfresco Enterprise v4.0.2 (911).

          Show
          Alfresco QA Team added a comment - The issue is reproduced on Alfresco Enterprise v4.0.2 (911).
          Hide
          Alfresco QA Team added a comment -

          The issue is reproduced on Alfresco Enterprise v3.4.10 (688).
          After disabling account user still has access to alfresco thru CIFS.
          DariaV

          Show
          Alfresco QA Team added a comment - The issue is reproduced on Alfresco Enterprise v3.4.10 (688). After disabling account user still has access to alfresco thru CIFS. DariaV
          Hide
          Alfresco QA Team added a comment -

          The issue was re-tested against Alfresco Enterprise v4.1.1 (b134) with the following results:

          1. Using 'net use' command in Windows to mount a CIFS drive, the disabled user can't mount a CIFS drive as expected. Output:

          C:\Users\christina.sheludko>net use * \\172.30.40.111\alfresco
          Enter the user name for '172.30.40.111': dwrench
          Enter the password for 172.30.40.111:
          System error 86 has occurred.

          The specified network password is not correct.

          2. Using 'Map Network Drive' Windows option it is possible to mount a CIFS drive, but it is impossible to enter it. Please, refer to the attached screenshots: screen1.png shows that drive is mounted but is not accessible, screen2.png shows that the drive is mounted by 'net use' command.

          Could you, please, clarify whether this behavior is correct? Or inaccessible CIFS drive shouldn't be mounted via 'Map Network Drive' action, does it?

          Environment: Ubuntu v10.04 x64, PostgreSQL v9.0.4, Tomcat v6.0.35, Java v1.6.0_u33 (all installer deployed); Client: Windows 7 SP1 x64, Windows Explorer, FF v14.0.1.

          ChristinaSh

          Show
          Alfresco QA Team added a comment - The issue was re-tested against Alfresco Enterprise v4.1.1 (b134) with the following results: 1. Using 'net use' command in Windows to mount a CIFS drive, the disabled user can't mount a CIFS drive as expected. Output: C:\Users\christina.sheludko>net use * \\172.30.40.111\alfresco Enter the user name for '172.30.40.111': dwrench Enter the password for 172.30.40.111: System error 86 has occurred. The specified network password is not correct. 2. Using 'Map Network Drive' Windows option it is possible to mount a CIFS drive, but it is impossible to enter it. Please, refer to the attached screenshots: screen1.png shows that drive is mounted but is not accessible, screen2.png shows that the drive is mounted by 'net use' command. Could you, please, clarify whether this behavior is correct? Or inaccessible CIFS drive shouldn't be mounted via 'Map Network Drive' action, does it? Environment: Ubuntu v10.04 x64, PostgreSQL v9.0.4, Tomcat v6.0.35, Java v1.6.0_u33 (all installer deployed); Client: Windows 7 SP1 x64, Windows Explorer, FF v14.0.1. ChristinaSh
          Hide
          Alfresco QA Team added a comment -

          Thank you very much, Derek. In this case, I'm closing this one and will raise a separate one describing incorrect kicking.
          ChristinaSh

          Show
          Alfresco QA Team added a comment - Thank you very much, Derek. In this case, I'm closing this one and will raise a separate one describing incorrect kicking. ChristinaSh

            People

            • Assignee:
              Closed Bugs
              Reporter:
              Philippe Dubois
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 hours
                2h