Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-10652

Badly fail when authenticating via HTTP Headers/LDAP if another user already uses the same email address

    Details

      Description

      When a user is trying to authenticate via HTTP Headers/LDAP using an email address that is already defined by other SonarQube users, it's badly failing with an error 500.
      Whereas prior to SonarQube 7.1, a message was returned to the user explaining him that this email was already used by someone else.

      Reproducing:

      • as admin, create a local user with login john and email john@doe.com
      • via HTTP Headers (e.g. using this extension) try to log-in user mark with email john@doe.com . Login is denied with following message:
      • as admin, create another local user with login frank and email john@doe.com
      • via SSO, try to log-in user mark with email john@doe.com . Login fails with a server 500 error:
        2018.05.01 14:33:27 ERROR web[][o.s.s.p.w.RootFilter] Processing of request / failed
        org.apache.ibatis.exceptions.TooManyResultsException: Expected one result (or null) to be returned by selectOne(), but found: 2
        	at org.apache.ibatis.session.defaults.DefaultSqlSession.selectOne(DefaultSqlSession.java:81)
        	at org.apache.ibatis.binding.MapperMethod.execute(MapperMethod.java:83)
        	at org.apache.ibatis.binding.MapperProxy.invoke(MapperProxy.java:59)
        	at com.sun.proxy.$Proxy49.selectByEmail(Unknown Source)
        	at org.sonar.db.user.UserDao.selectByEmail(UserDao.java:165)
        	at org.sonar.server.authentication.UserIdentityAuthenticator.validateEmail(UserIdentityAuthenticator.java:140)
        	at org.sonar.server.authentication.UserIdentityAuthenticator.registerNewUser(UserIdentityAuthenticator.java:123)
        	at org.sonar.server.authentication.UserIdentityAuthenticator.authenticate(UserIdentityAuthenticator.java:99)
        	at org.sonar.server.authentication.SsoAuthenticator.doAuthenticate(SsoAuthenticator.java:164)
        	at org.sonar.server.authentication.SsoAuthenticator.doAuthenticate(SsoAuthenticator.java:132)
        	at org.sonar.server.authentication.SsoAuthenticator.authenticate(SsoAuthenticator.java:109)
        	at org.sonar.server.authentication.AuthenticatorsImpl.authenticate(AuthenticatorsImpl.java:43)
        	at org.sonar.server.authentication.UserSessionInitializer.loadUserSession(UserSessionInitializer.java:120)
        	at org.sonar.server.authentication.UserSessionInitializer.initUserSession(UserSessionInitializer.java:94)
        	at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:86)
        	at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:71)
        	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        	at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:76)
        	at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:48)
        	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        	at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:61)
        	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        	at org.sonar.server.platform.web.requestid.RequestIdFilter.doFilter(RequestIdFilter.java:63)
        	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        	at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:62)
        	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        	at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:108)
        	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
        	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
        	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
        	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
        	at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256)
        	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
        	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
        	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
        	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
        	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
        	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
        	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
        	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        	at java.lang.Thread.run(Thread.java:745)
        

        Attachments

        1. no_sso.png
          103 kB
          Nicolas Bontoux

          Issue Links

            Activity

              People

              • Assignee:
                julien.lancelot Julien Lancelot
                Reporter:
                nicolas.bontoux Nicolas Bontoux
              • Votes:
                1 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: