Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-8501

Duplicate Accounts with same email and username can be created

    XMLWordPrintable

Details

    • Bug
    • Resolution: Obsolete
    • Major
    • None
    • SaaS, 2.11.3 GA
    • System
    • False
    • None
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
      • Enable spam protection to prevent repeated signups to take place in rapid sequence or simultaneously
    • Hide
      • send multiple requests in parallel to the Signup Express (Account Create) /admin/api/signup.xml POST endpoint, passing the same data multiple times: multiple accounts with same credentials and email will be signed up.
      • alternatively, copy the POST request of the signup form from the Developer Portal, update username and email to be valid for a new user, then send multiple times in parallel
      Show
      send multiple requests in parallel to the Signup Express (Account Create) /admin/api/signup.xml POST endpoint, passing the same data multiple times: multiple accounts with same credentials and email will be signed up. alternatively, copy the POST request of the signup form from the Developer Portal, update username and email to be valid for a new user, then send multiple times in parallel

    Description

      Duplicate Accounts (and users) can be created by sending multiple requests in parallel to the signup endpoints. This allows creating Accounts and Users with the same username and email.

      Creating multiple accounts with the same username or email should not be possible.

      Attachments

        Activity

          People

            Unassigned Unassigned
            rhn-support-sillumin Samuele Illuminati (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: