portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ate Douma (JIRA)" <jetspeed-...@jakarta.apache.org>
Subject [jira] Created: (JS2-213) Adding a User with an invalid password creates the user (without password) although an error is reported
Date Tue, 15 Feb 2005 22:38:45 GMT
Adding a User with an invalid password creates the user (without password) although an error
is reported
--------------------------------------------------------------------------------------------------------

         Key: JS2-213
         URL: http://issues.apache.org/jira/browse/JS2-213
     Project: Jetspeed 2
        Type: Bug
  Components: Security, Admin Portlets, Persistence and DAO  
    Versions: 2.0-dev/cvs    
    Reporter: Ate Douma
 Assigned to: Ate Douma 
    Priority: Minor


When a User is added with an invalid password (we use the SimplePasswordCredentialValidator)
using the User Admin Portlet
an error message is reported that the user cannot be created (just that...).
When subsequently a correct password is entered and adding the user is tried again the error:
User is already defined
is reported back although the user isn't visible (yet) in the the list above.
Only after logging on again (or adding another user successfully) the created user is displayed.
This is a caching problem.

A SECURITY_PRINCIPAL record *is* created but without a SECURITY_CREDENTIAL record.
To solve this problem, the user should not be created when the supplied password is invalid.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message