Hi people,
we have public registration with confirmation of the eMail address. Upon confirmation the profile goes into a holding group for pending registrations, since we require other formalities to be met before the user is assigned to an active group. Logging in is not allowed for the holding group, but of course many impatient users try to anyway.
What then should happen imho is that Cyclos should kindly say that logging in is not permitted in your user group. What actually happens is an application error, culminating in:
nl.strohalm.cyclos.exceptions.PermissionDeniedException
at nl.strohalm.cyclos.services.access.AccessServiceImpl.verifyLogin(AccessServiceImpl.java:1074)
at nl.strohalm.cyclos.services.access.AccessServiceSecurity.verifyLogin(AccessServiceSecurity.java:357)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at nl.strohalm.cyclos.spring.ServiceSecurityProxyInvocationHandler.invoke(ServiceSecurityProxyInvocationHandler.java:65)
at $Proxy13.verifyLogin(Unknown Source)
This is annoying because the flood of application errors has forced me to switch off eMail notification of application errors - not something I wanted to do, I would like to get a mail if there is any REAL error. So can something be done about this?
Thanks, cheers, Tim
[ Cyclos 3.6 ] Application error when it should not be
Moderators: hugo, alexandre, rmvanarkel
We tried to reproduce this but without luck.
We configured a group, set it as 'initial' group with the option "E-mail validation" - On public registration only.
When the member tries to login without confirming the registration it gets a normal error box with 'invalid login' message. It must be a configuration error.
Still it should not generate an application error. But from the error we cannot see what is going on.
We configured a group, set it as 'initial' group with the option "E-mail validation" - On public registration only.
When the member tries to login without confirming the registration it gets a normal error box with 'invalid login' message. It must be a configuration error.
Still it should not generate an application error. But from the error we cannot see what is going on.
I think, what Tim described is the situation, that the new user already confirmed his email address and is now in some group with confirmed email but still without possibility to login.
After confirming the email account, so he decsribes, the user stays in some user group awaiting confirmation by administration. Only after administration moved the user to the active users group, the user can log in.
What happens on your system when a user (with confirmed email) is moved into a group without permittance to login? Does he see a kind warning that he can not login, or do you see a system failure as well?
Best regards
Oliver
After confirming the email account, so he decsribes, the user stays in some user group awaiting confirmation by administration. Only after administration moved the user to the active users group, the user can log in.
What happens on your system when a user (with confirmed email) is moved into a group without permittance to login? Does he see a kind warning that he can not login, or do you see a system failure as well?
Best regards
Oliver
Some clarification
Hi,
and many thanks for trying the config, and to Oliver for explaining some more. I think Oliver explained it pretty well, let me just add this:
The public registration initially leads to a profile with no group assigned, we have called it "Pending (unconfirmed)". When the user confirms the Email, the profile is assigned to a real group, the start group, called "Pending (confirmed)". This group has ALL permissions and communication channels switched off, because we have various formalities stipulated which must be checked out and some values entered by our back-office team. They then move the account into an appropriate active group (we have four). The new member then receives the automatic welcoming eMail. As stated, it all works fine, except that impatient would-be members keep causing the application error.
Oh and another thing for the wish list: Sometimes a user registers the account themselves, but sometimes the back-office team will do it, i.e. when the user did not do it before filling in our paperwork. Unfortunately, Cyclos only provides the same one eMail for both cases. It would be much easier for me to have two, each with an exact and appropriate text body.
Again, many thanks! Tim
and many thanks for trying the config, and to Oliver for explaining some more. I think Oliver explained it pretty well, let me just add this:
The public registration initially leads to a profile with no group assigned, we have called it "Pending (unconfirmed)". When the user confirms the Email, the profile is assigned to a real group, the start group, called "Pending (confirmed)". This group has ALL permissions and communication channels switched off, because we have various formalities stipulated which must be checked out and some values entered by our back-office team. They then move the account into an appropriate active group (we have four). The new member then receives the automatic welcoming eMail. As stated, it all works fine, except that impatient would-be members keep causing the application error.
Oh and another thing for the wish list: Sometimes a user registers the account themselves, but sometimes the back-office team will do it, i.e. when the user did not do it before filling in our paperwork. Unfortunately, Cyclos only provides the same one eMail for both cases. It would be much easier for me to have two, each with an exact and appropriate text body.
Again, many thanks! Tim
Re: [ Cyclos 3.6 ] Application error when it should not be
Again many thanks for trying to reproduce the bug. I'm snowed under with work at the moment so can't try to reproduce on a vanilla, all I can do right now is to post the complete error message in the hope that it may give a clue:
Cheers, Tim
Code: Select all
Datum 12.02.2012 18:59:09
Angemeldete Benutzer Kein Benutzer angemeldet
Pfad /rewigmuenchen/do/login
Abfrageparameter
operatorLogin= false
password= ***
principal= Oliver-Sachs
principalType= USER
Java Fehlerdetails
nl.strohalm.cyclos.exceptions.PermissionDeniedException
at nl.strohalm.cyclos.services.access.AccessServiceImpl.verifyLogin(AccessServiceImpl.java:1074)
at nl.strohalm.cyclos.services.access.AccessServiceSecurity.verifyLogin(AccessServiceSecurity.java:357)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at nl.strohalm.cyclos.spring.ServiceSecurityProxyInvocationHandler.invoke(ServiceSecurityProxyInvocationHandler.java:65)
at $Proxy13.verifyLogin(Unknown Source)
at nl.strohalm.cyclos.utils.LoginHelper.login(LoginHelper.java:128)
at nl.strohalm.cyclos.controls.access.LoginAction.doLogin(LoginAction.java:115)
at nl.strohalm.cyclos.controls.access.LoginAction.handleSubmit(LoginAction.java:194)
at nl.strohalm.cyclos.controls.BasePublicFormAction.executeAction(BasePublicFormAction.java:55)
at nl.strohalm.cyclos.controls.BasePublicAction.execute(BasePublicAction.java:79)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
at nl.strohalm.cyclos.struts.CyclosRequestProcessor.doExecuteAction(CyclosRequestProcessor.java:452)
at nl.strohalm.cyclos.struts.CyclosRequestProcessor.processActionPerform(CyclosRequestProcessor.java:274)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
at nl.strohalm.cyclos.struts.CyclosRequestProcessor.process(CyclosRequestProcessor.java:141)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at nl.strohalm.cyclos.http.LoggedUserFilter.execute(LoggedUserFilter.java:90)
at nl.strohalm.cyclos.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at nl.strohalm.cyclos.http.RequestProcessingFilter.execute(RequestProcessingFilter.java:74)
at nl.strohalm.cyclos.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at nl.strohalm.cyclos.http.SanitizerFilter.execute(SanitizerFilter.java:66)
at nl.strohalm.cyclos.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:291)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:776)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:705)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:898)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:679)
Re: [ Cyclos 3.6 ] Application error when it should not be
Hi Tim,
Ok we found it. The report was a bit confusing. The user is actually presented an error, and it also generates an app error. So a bug indeed. We will provide a fix with the coming update.
Thanks for insisting on this.
Hugo
Ok we found it. The report was a bit confusing. The user is actually presented an error, and it also generates an app error. So a bug indeed. We will provide a fix with the coming update.
Thanks for insisting on this.
Hugo