[MAGNOLIA-9233] Users whose name contains dots can't login on recent update Created: 18/Dec/23  Updated: 19/Jan/24  Resolved: 16/Jan/24

Status: Closed
Project: Magnolia
Component/s: security
Affects Version/s: 6.2.41
Fix Version/s: 6.3.0, 6.2.42

Type: Bug Priority: Critical
Reporter: Roberto Gaona Assignee: Khayal Musayev
Resolution: Fixed Votes: 0
Labels: SSO_and_Security_Initiative, dx-core-6.3
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Problem/Incident
Relates
relates to MAGNOLIA-9191 Problem with Public Usernames contain... Closed
relates to SECURITY-76 Creating a user with an @ in the user... Closed
causality
duplicate
is duplicated by MAGNOLIA-9234 User containing a . (dot) cannot logi... Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[X]* Doc/release notes changes? Comment present?
[X]* Downstream builds green?
[X]* Solution information and context easily available?
[X]* Tests
[X]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Release notes required:
Yes
Team: AdminX
Work Started:
Approved:
Yes

 Description   

Steps to reproduce

  1. Create an user with dots on its username
  2. Try to login as such user

 

Expected results

You can login as on previous versions of Magnolia

Actual results

The following error is thrown:

ERROR info.magnolia.cms.security.JCRSessionOp 18.12.2023 10:14:24 -- Failed to execute info.magnolia.cms.security.RepositoryBackedSecurityManager$3@36581e97 session operation with Unclosed group near index 28
(\Q/admin/magnolia)\.test\E 

Generated at Mon Feb 12 04:39:48 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.