Page MenuHomePhabricator

Misconfigured password policy gives a bad error message
Closed, ResolvedPublic

Description

$wgPasswordPolicy['policies']['default']['MinimalPasswordLengthToLogin'] = 64;
$wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = 64;

breaks the wiki on login....

Exception encountered, of type "DomainException"
[d75b108f] /w/index.php?title=Special:UserLogin&action=submitlogin&type=login&returnto=Main+Page DomainException from line 112 of /var/www/wiki/mediawiki/core/includes/password/UserPasswordPolicy.php: Invalid password policy config
Backtrace:
#0 /var/www/wiki/mediawiki/core/includes/password/UserPasswordPolicy.php(81): UserPasswordPolicy->checkPolicies(User, string, array, array)
#1 /var/www/wiki/mediawiki/core/includes/User.php(959): UserPasswordPolicy->checkUserPassword(User, string, string)
#2 /var/www/wiki/mediawiki/core/includes/User.php(4022): User->checkPasswordValidity(string)
#3 /var/www/wiki/mediawiki/core/includes/specials/SpecialUserlogin.php(795): User->checkPassword(string)
#4 /var/www/wiki/mediawiki/core/includes/specials/SpecialUserlogin.php(968): LoginForm->authenticateUserData()
#5 /var/www/wiki/mediawiki/core/includes/specials/SpecialUserlogin.php(345): LoginForm->processLogin()
#6 /var/www/wiki/mediawiki/core/includes/specialpage/SpecialPage.php(384): LoginForm->execute(NULL)
#7 /var/www/wiki/mediawiki/core/includes/specialpage/SpecialPageFactory.php(553): SpecialPage->run(NULL)
#8 /var/www/wiki/mediawiki/core/includes/MediaWiki.php(248): SpecialPageFactory::executePath(Title, RequestContext)
#9 /var/www/wiki/mediawiki/core/includes/MediaWiki.php(672): MediaWiki->performRequest()
#10 /var/www/wiki/mediawiki/core/includes/MediaWiki.php(474): MediaWiki->main()
#11 /var/www/wiki/mediawiki/core/index.php(43): MediaWiki->run()
#12 {main}

Why is the config invalid? I'm confused

Event Timeline

Reedy created this task.Nov 16 2015, 8:41 PM
Reedy updated the task description. (Show Details)
Reedy raised the priority of this task from to Needs Triage.
Reedy added a subscriber: Reedy.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptNov 16 2015, 8:41 PM

Change 253389 had a related patch set uploaded (by Reedy):
Improve error message if check not defined for a password policy.

https://gerrit.wikimedia.org/r/253389

Reedy renamed this task from MinimalPasswordLengthToLogin === MinimalPasswordLength gives DomainException to Misconfigured password policy gives a bad error message.Nov 16 2015, 8:48 PM
Reedy removed a project: Patch-For-Review.
Reedy set Security to None.

Change 253394 had a related patch set uploaded (by Reedy):
Improve error message if check not defined for a password policy.

https://gerrit.wikimedia.org/r/253394

Reedy closed this task as Resolved.Nov 16 2015, 8:57 PM
Reedy claimed this task.

I typo'd. But the error messages weren't very good. So I improved them as the resolution for this bug :)

Change 253389 merged by jenkins-bot:
Improve error message if check not defined for a password policy.

https://gerrit.wikimedia.org/r/253389

Change 253394 merged by jenkins-bot:
Improve error message if check not defined for a password policy.

https://gerrit.wikimedia.org/r/253394