Details
-
Bug
-
Resolution: Solved By
-
Critical
-
17.10.2, 18.1.0
-
Linux Mint 21.3 Virginia
Microsoft Edge Version 146.0.3856.84
-
Unknown
-
Description
Making a REST call to an inexistent wiki triggers an attempt to fetch the configuration files for the wiki, which leads to multiple errors in the logs. It also resets the selected authentication service to the standard one, without the option to modify it back. Restarting the instance allowed me to switch the authentication service.
When the incorrect REST call it's done, it affects both the main wiki and all the subwikis. The issue also occurs when the call it's made by a guest user with no view rights on the wiki.
Steps to reproduce:
- Open an instance and install an application that provides an authentication service (I installed Active Directory Application)
- Modify the authentication service from the Authentication section
- Open a different tab and make a REST call to an inexistent wiki. Ex:
http://localhost:8080/xwiki/rest/wikis/invalid/
- Check the authentication tab and logs
Expected result:
- The selected authentication service is unchanged
Actual result:
- The authentication service is now forced to com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl and the user cannot change it
- There are multiple error logs related to the invalid call
The issue is reproducible on XWiki 17.10.2, 17.10.4 and 18.1.0, but it is not reproducible on XWiki 17.4.6.
Attachments
Issue Links
- duplicates
-
-
- Closed
-
-
-
- Closed
-