Some email address' will cause a null pointer exception to occur during the start of the openid consumption process.
Here are some example email address':
goldjara@nate.com
yhweng@tamu.edu
rs_prasad@rocketmail.com
sweetdreamworks@qq.com
liangsheng3460@163.com
The problem is that the above email address' will get changed into something like the following:
http://<hostname>.com or http://<hostname>.com
A yadis discovery call is then made on that url and if any text (html) is returned then the yadis call is successful. Even though a real yadis document was not returned.
My guess is that we should either add a check to the ValidatingConsumerManager (or create a new class to wrapper the ValidatingConsumerManager or create a ChainConsumerManager) that will perform a null check on the return Discovery object and if the Discovery object is null throw a AuthenticationException.
Here are some example email address':
goldjara@nate.com
yhweng@tamu.edu
rs_prasad@rocketmail.com
sweetdreamworks@qq.com
liangsheng3460@163.com
The problem is that the above email address' will get changed into something like the following:
http://<hostname>.com or http://<hostname>.com
A yadis discovery call is then made on that url and if any text (html) is returned then the yadis call is successful. Even though a real yadis document was not returned.
My guess is that we should either add a check to the ValidatingConsumerManager (or create a new class to wrapper the ValidatingConsumerManager or create a ChainConsumerManager) that will perform a null check on the return Discovery object and if the Discovery object is null throw a AuthenticationException.
- is duplicated by
-
GTWY-3446 Entering an email as OpenID on ESG login page may produce Internal Server Error
-
- Done
-