- Type: Bug
- Status: Closed
- Priority: Major
- Resolution: Fixed
- Affects Version/s: 7.1
- Fix Version/s: 7.2
- Component/s: Authentication & Authorization
- Labels: None
When a user tries to authenticate via HTTP Headers/LDAP using an email address that is already defined by other SonarQube users, authentication fails badly with an error 500, whereas prior to SonarQube 7.1 a message was returned to the user explaining that this email was already used by someone else.
Reproducing:
- as admin, create a local user with login john and email john@doe.com
- via HTTP Headers (e.g. using this extension), try to log in user mark with email john@doe.com. Login is denied with the following message:
- as admin, create another local user with login frank and email john@doe.com
- via SSO, try to log in user mark with email john@doe.com. Login fails with a server 500 error:
2018.05.01 14:33:27 ERROR web[][o.s.s.p.w.RootFilter] Processing of request / failed
org.apache.ibatis.exceptions.TooManyResultsException: Expected one result (or null) to be returned by selectOne(), but found: 2
    at org.apache.ibatis.session.defaults.DefaultSqlSession.selectOne(DefaultSqlSession.java:81)
    at org.apache.ibatis.binding.MapperMethod.execute(MapperMethod.java:83)
    at org.apache.ibatis.binding.MapperProxy.invoke(MapperProxy.java:59)
    at com.sun.proxy.$Proxy49.selectByEmail(Unknown Source)
    at org.sonar.db.user.UserDao.selectByEmail(UserDao.java:165)
    at org.sonar.server.authentication.UserIdentityAuthenticator.validateEmail(UserIdentityAuthenticator.java:140)
    at org.sonar.server.authentication.UserIdentityAuthenticator.registerNewUser(UserIdentityAuthenticator.java:123)
    at org.sonar.server.authentication.UserIdentityAuthenticator.authenticate(UserIdentityAuthenticator.java:99)
    at org.sonar.server.authentication.SsoAuthenticator.doAuthenticate(SsoAuthenticator.java:164)
    at org.sonar.server.authentication.SsoAuthenticator.doAuthenticate(SsoAuthenticator.java:132)
    at org.sonar.server.authentication.SsoAuthenticator.authenticate(SsoAuthenticator.java:109)
    at org.sonar.server.authentication.AuthenticatorsImpl.authenticate(AuthenticatorsImpl.java:43)
    at org.sonar.server.authentication.UserSessionInitializer.loadUserSession(UserSessionInitializer.java:120)
    at org.sonar.server.authentication.UserSessionInitializer.initUserSession(UserSessionInitializer.java:94)
    at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:86)
    at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:71)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:76)
    at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:48)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:61)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.sonar.server.platform.web.requestid.RequestIdFilter.doFilter(RequestIdFilter.java:63)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:62)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:108)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
    at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:745)
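The failure mode in the trace above, as an added example that is not SonarQube's code or its actual fix: a single-result lookup on a non-unique email column throws inside the authentication path, while a list-based check turns the same collision into a controlled login denial. All class and method names (`EmailCollisionDemo`, `fragileLookup`, `checkEmailIsFree`, `LoginDeniedException`) are hypothetical, and the user rows are constructed to match the reproduction steps.

```java
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;

public class EmailCollisionDemo {
  static final class User {
    final String login, email;
    User(String login, String email) { this.login = login; this.email = email; }
  }

  // Hypothetical exception that a web layer would map to a "login denied" page.
  static final class LoginDeniedException extends RuntimeException {
    LoginDeniedException(String msg) { super(msg); }
  }

  // Constructed sample rows: two local users sharing one email, as in the report.
  static final List<User> USERS = List.of(
      new User("john", "john@doe.com"), new User("frank", "john@doe.com"));

  static List<User> selectAllByEmail(String email) {
    return USERS.stream().filter(u -> u.email.equals(email)).collect(Collectors.toList());
  }

  // Fragile: assumes email is unique, like a selectOne()-style mapper call.
  static Optional<User> fragileLookup(String email) {
    List<User> rows = selectAllByEmail(email);
    if (rows.size() > 1) { // stands in for TooManyResultsException
      throw new IllegalStateException("Expected one result (or null), but found: " + rows.size());
    }
    return rows.stream().findFirst();
  }

  // Hardened: zero, one or many existing owners are all handled explicitly.
  static void checkEmailIsFree(String newLogin, String email) {
    List<User> owners = selectAllByEmail(email);
    if (!owners.isEmpty()) {
      throw new LoginDeniedException("Email '" + email + "' is already used; login '"
          + newLogin + "' cannot be registered with it");
    }
  }

  public static void main(String[] args) {
    try { fragileLookup("john@doe.com"); }
    catch (IllegalStateException e) { System.out.println("unhandled -> HTTP 500: " + e.getMessage()); }
    try { checkEmailIsFree("mark", "john@doe.com"); }
    catch (LoginDeniedException e) { System.out.println("handled -> denied: " + e.getMessage()); }
    checkEmailIsFree("mark", "mark@doe.com"); // no owner: registration may proceed
    System.out.println("mark@doe.com accepted");
  }
}
```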
Relates to:
- SONAR-10532 Authentication can fail with "org.apache.ibatis.exceptions.TooManyResultsException" (Closed)
- SONAR-10338 Allow authentication of users using same email on different OAuth2 identity provider (Closed)