Uploaded image for project: 'Service Packs and Hot Fixes'
  1. Service Packs and Hot Fixes
  2. MNT-1410

email to invite external users does not allow external users to login (no credentails)

    Details

    • Type: Service Pack Request
    • Status: Closed (View Workflow)
    • Resolution: Fixed
    • Affects Version/s: 3.2 R, 3.2
    • Fix Version/s: 3.2.1
    • Component/s: Installer
    • Labels:
      None
    • Bug Priority:
      Category 2
    • ACT Numbers:

      16484

    • Testcase ID:
      Hide

      REP-778

      Show
      REP-778

      Description

      This looks like a regression of ETHREEOH-712

      email to invite external users does not allow external users to login (no credentails)

      How to reproduce?
      ==================
      This was reproduced on 3.2 and 3.2r.

      1) build a system that allows external users and ldap users, e.g.:

      authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

      ntlm.authentication.sso.enabled=false
      alfresco.authentication.authenticateCIFS=false

      ntlm.authentication.sso.enabled=false
      #passthru.authentication.authenticateCIFS=true

      ldap.authentication.active=true
      ldap.synchronization.active=true

      1. ldap.authentication.active=false
        ldap.authentication.java.naming.provider.url=ldap://10.69.69.99:389
        ldap.authentication.userNameFormat=CN=%s,cn=Users,dc=example,dc=foo
        ldap.authentication.java.naming.security.authentication=simple
        ldap.authentication.defaultAdministratorUserNames=administrator
        ldap.authentication.authenticateFTP=false

      ldap.synchronization.active=true
      ldap.synchronization.java.naming.security.principal=CN=Administrator,CN=Users,DC=example,DC=foo
      ldap.synchronization.java.naming.security.credentials=mypass
      ldap.synchronization.userSearchBase=cn=Users,DC=example,DC=foo
      ldap.synchronization.groupSearchBase=DC=example,DC=foo
      synchronization.synchronizeChangesOnly=false
      synchronization.import.cron=0 0 0 * * ?
      synchronization.syncWhenMissingPeopleLogIn=true
      synchronization.autoCreatePeopleOnLogin=true

      2) go to share as administrator
      3) create a sample site (moderated) 'site1'
      4) go to the invite page: at the bottom there is an external user "add" button
      5) Invite John Doe, shareuser1@localhost.foo and sniff the network to get the content of the mail.

      Result:
      ===========
      The mail shows two links: one to cceot one to reject the invitaion.
      However, the link when clicked asks for authentication and the new user does not know his login details

      Expected result:
      ================
      The link bypass the authentication and allows the user to set a password

      OR

      The mail contains the login details.

      =======network dump mail body==========
      T 127.0.0.1:34523 -> 127.0.0.1:25 [AP]
      Date: Thu, 18 Feb 2010 14:41:47 +0000 (GMT)..From: alfresco@alfresco.org..To: shareuser1@loca
      lhost.foo..Message-ID: <28743360.01266504107221.JavaMail.root@amadon>..Subject: Invitation to
      join 'site1' site..MIME-Version: 1.0..Content-Type: text/plain; charset=UTF-8..Content-Trans
      fer-Encoding: 7bit......Hello John,....You have been invited by administrator to join the 's
      ite1' site.....Your role in the site will be SiteCollaborator.....To accept this invitation c
      lick the link below.....http://localhost:8080/share/page/accept-invite?inviteId=jbpm$1&invite eUserName=john_doe&siteShortName=site1&inviteTicket=4d019673-5cd4-43e8-91f8-5caa0f7764b8....I
      f you do not want to join the site then click here:....http://localhost:8080/share/page/rejec
      t-invite?inviteId=jbpm$1&inviteeUserName=john_doe&siteShortName=site1&inviteTicket=4d019673-5
      cd4-43e8-91f8-5caa0f7764b8....Regards,..Alfresco Share Team.......

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                closedbugs Closed Bugs
                Reporter:
                amadon Alex Madon [X] (Inactive)
              • Votes:
                2 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: