Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-18010

Authentication Security mechanism shouldn't be triggered by empty username

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 11.10.5
    • Fix Version/s: 11.10.11, 12.6.5, 12.10
    • Component/s: Authentication
    • Labels:
      None
    • Tests:
      Unit
    • Difficulty:
      Unknown
    • Documentation:
      N/A
    • Documentation in Release Notes:
      N/A
    • Similar issues:

      Description

      When the authentication is performed with an empty username it's possible that it triggers the security mechanism: this might lead in some edge cases to the systematic display of CAPTCHA. We should never trigger the security mechanism for empty logins.

        Attachments

          Activity

            People

            Assignee:
            surli Simon Urli
            Reporter:
            surli Simon Urli
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: