Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-3492

Registration issues when email-verication/authentication enabled

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.8
    • Fix Version/s: 5.3-milestone-1
    • Component/s: Authentication
    • Labels:
    • Environment:
    • Documentation:
      N/A
    • Documentation in Release Notes:
      N/A
    • Similar issues:

      Description

      Two problems that arise when following options enabed:

      • Administration->Registration->Use email verification == yes
      • Administration->Registration->Check Active fields for user authentication==yes

      (1) /xwiki/bin/register/XWiki/Register allows registration of a user with an empty email field.

      After submission, a "dead" user is created with the name given by the user. That account will of course never be automatically validated given that no email went out. The user gets to figure out what's wrong by reading the stacktrace resulting from hitting "submit" with an empty email field:

      A problem occured while trying to process your request. Please contact the webmaster if this happens again.

      Detailed information:

      Error number 10006 in 10: Could not send mail to server smtp port 25 error code 553 (553 5.0.0 <>... User address required
      )
      com.xpn.xwiki.XWikiException: Error number 10006 in 10: Could not send mail to server smtp port 25 error code 553 (553 5.0.0 <>... User address required
      )
      at com.xpn.xwiki.XWiki.sendMessage(XWiki.java:3362)
      at com.xpn.xwiki.XWiki.sendMessage(XWiki.java:3392)
      at com.xpn.xwiki.XWiki.sendValidationEmail(XWiki.java:3306)
      at com.xpn.xwiki.XWiki.sendValidationEmail(XWiki.java:3271)
      at com.xpn.xwiki.XWiki.createUser(XWiki.java:3225)
      at com.xpn.xwiki.web.RegisterAction.action(RegisterAction.java:41)
      at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:215)
      at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115)
      at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
      at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
      at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
      at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:145)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:111)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.plugin.webdav.XWikiDavFilter.doFilter(XWikiDavFilter.java:68)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.web.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:295)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
      at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
      at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
      at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
      at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
      at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
      at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
      at java.lang.Thread.run(Thread.java:619)

      (2) /xwiki/bin/register/XWiki/Register allows registration of a user with a bad or bogus email name, resulting in another backtrace:

      A problem occured while trying to process your request. Please contact the webmaster if this happens again.

      Detailed information:

      Error number 10006 in 10: Could not send mail to server smtp port 25 error code 550 (550 5.1.1 ... User unknown
      )
      com.xpn.xwiki.XWikiException: Error number 10006 in 10: Could not send mail to server smtp port 25 error code 550 (550 5.1.1 ... User unknown
      )
      at com.xpn.xwiki.XWiki.sendMessage(XWiki.java:3362)
      at com.xpn.xwiki.XWiki.sendMessage(XWiki.java:3392)
      at com.xpn.xwiki.XWiki.sendValidationEmail(XWiki.java:3306)
      at com.xpn.xwiki.XWiki.sendValidationEmail(XWiki.java:3271)
      at com.xpn.xwiki.XWiki.createUser(XWiki.java:3225)
      at com.xpn.xwiki.web.RegisterAction.action(RegisterAction.java:41)
      at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:215)
      at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115)
      at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
      at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
      at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
      at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:145)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:111)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.plugin.webdav.XWikiDavFilter.doFilter(XWikiDavFilter.java:68)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.web.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:295)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
      at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
      at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
      at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
      at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
      at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
      at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
      at java.lang.Thread.run(Thread.java:619)

      In both cases, the creation of a XWiki.username document and associated XWiki.XWikiAllGroup entry shoudn't occur until after successful send of the registration email. Also, some common validation rules for email fields should be applied to the registration page's email field when "Use email verification==yes" && "Check Active fields for user authentication==yes".

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                softec Denis Gervalle
                Reporter:
                nielsmayer Niels Mayer, http://nielsmayer.com
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Date of First Response: