Uploaded image for project: 'WSO2 Identity Server'
  1. WSO2 Identity Server
  2. IDENTITY-5818

Identity Server is throwing an error when deleting a user which has + sign in the username

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: 5.2.0-GA, 5.3.0-GA
    • Fix Version/s: 5.4.0-M1
    • Component/s: identity-mgt
    • Labels:
      None
    • Environment:

      JDBC userstore.

    • Severity:
      Major
    • Estimated Complexity:
      Moderate
    • Test cases added:
      Yes

      Description

      Configured IS 5.2.0 with JDBC(mysql) userstore. Enabled email username. Changed the username regular expression which will facilitate to add "+" sign into email username.
      Was able to successfully add and update the user "shanaka+pw@wso2.com". Bet IS will throwing below error while trying to delete above user.

      TID: [-1234] [] [2017-03-08 12:17:22,567] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy} -  Cannot delete user who is not exist 
      org.wso2.carbon.user.core.UserStoreException: Cannot delete user who is not exist
      	at org.wso2.carbon.user.core.common.AbstractUserStoreManager.callSecure(AbstractUserStoreManager.java:168)
      	at org.wso2.carbon.user.core.common.AbstractUserStoreManager.deleteUser(AbstractUserStoreManager.java:1046)
      	at org.wso2.carbon.user.mgt.UserRealmProxy.deleteUser(UserRealmProxy.java:860)
      	at org.wso2.carbon.user.mgt.UserAdmin.deleteUser(UserAdmin.java:243)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:606)
      	at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
      	at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
      	at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
      	at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
      	at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
      	at org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:169)
      	at org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:82)
      	at org.wso2.carbon.core.transports.local.CarbonLocalTransportSender.finalizeSendWithToAddress(CarbonLocalTransportSender.java:45)
      	at org.apache.axis2.transport.local.LocalTransportSender.invoke(LocalTransportSender.java:77)
      	at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
      	at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
      	at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
      	at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
      	at org.wso2.carbon.user.mgt.stub.UserAdminStub.deleteUser(UserAdminStub.java:3969)
      	at org.wso2.carbon.user.mgt.ui.UserAdminClient.deleteUser(UserAdminClient.java:128)
      	at org.apache.jsp.user.delete_002dfinish_002dajaxprocessor_jsp._jspService(delete_002dfinish_002dajaxprocessor_jsp.java:120)
      	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
      	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
      	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
      	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
      	at org.wso2.carbon.ui.JspServlet.service(JspServlet.java:155)
      	at org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:80)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
      	at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
      	at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
      	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
      	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
      	at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
      	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
      	at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
      	at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
      	at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
      	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
      	at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
      	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
      	at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:442)
      	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1082)
      	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:623)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1756)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1715)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:745)
      Caused by: java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException
      	at java.security.AccessController.doPrivileged(Native Method)
      	at org.wso2.carbon.user.core.common.AbstractUserStoreManager.callSecure(AbstractUserStoreManager.java:158)
      	... 75 more
      Caused by: java.lang.reflect.InvocationTargetException
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:606)
      	at org.wso2.carbon.user.core.common.AbstractUserStoreManager$2.run(AbstractUserStoreManager.java:161)
      	... 77 more
      Caused by: org.wso2.carbon.user.core.UserStoreException: Cannot delete user who is not exist
      	at org.wso2.carbon.user.core.common.AbstractUserStoreManager.deleteUser(AbstractUserStoreManager.java:1107)
      	... 82 more
      

      When further analyzing, I was able to found that, this same issue has been reported for 5.1.0-Alpha [1].
      So I have tested this with IS 5.2.0 by changing [2]

      <a href="#" onclick="deleteUser('<%=Encode.forJavaScriptAttribute(userName)%>')"
      

      as shown below,

      <a href="#" onclick="deleteUser('<%=Encode.forJavaScriptAttribute(Encode.forUriComponent(userName))%>')"
      

      I was able to successfully delete the user "shanaka+pw@wso2.com" with above fix.

      Note : Same issue exist in IS 5.3.0 fresh pack

      [1] https://wso2.org/jira/browse/IDENTITY-3891
      [2] https://github.com/wso2/carbon-identity-framework/blob/v5.2.2/components/user-mgt/org.wso2.carbon.user.mgt.ui/src/main/resources/web/user/user-mgt.jsp#L834

        Attachments

          Activity

            People

            • Assignee:
              farasatha@wso2.com Farasath Ahamed
              Reporter:
              shanakaw@wso2.com Shanaka Weerasinghe
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: