Page MenuHomePhabricator
Create Task
Maniphest T118776

Misconfigured password policy gives a bad error message
Closed, ResolvedPublic
Actions

Description

$wgPasswordPolicy['policies']['default']['MinimalPasswordLengthToLogin'] = 64;
$wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = 64;

breaks the wiki on login....

Exception encountered, of type "DomainException"
[d75b108f] /w/index.php?title=Special:UserLogin&action=submitlogin&type=login&returnto=Main+Page DomainException from line 112 of /var/www/wiki/mediawiki/core/includes/password/UserPasswordPolicy.php: Invalid password policy config
Backtrace:
#0 /var/www/wiki/mediawiki/core/includes/password/UserPasswordPolicy.php(81): UserPasswordPolicy->checkPolicies(User, string, array, array)
#1 /var/www/wiki/mediawiki/core/includes/User.php(959): UserPasswordPolicy->checkUserPassword(User, string, string)
#2 /var/www/wiki/mediawiki/core/includes/User.php(4022): User->checkPasswordValidity(string)
#3 /var/www/wiki/mediawiki/core/includes/specials/SpecialUserlogin.php(795): User->checkPassword(string)
#4 /var/www/wiki/mediawiki/core/includes/specials/SpecialUserlogin.php(968): LoginForm->authenticateUserData()
#5 /var/www/wiki/mediawiki/core/includes/specials/SpecialUserlogin.php(345): LoginForm->processLogin()
#6 /var/www/wiki/mediawiki/core/includes/specialpage/SpecialPage.php(384): LoginForm->execute(NULL)
#7 /var/www/wiki/mediawiki/core/includes/specialpage/SpecialPageFactory.php(553): SpecialPage->run(NULL)
#8 /var/www/wiki/mediawiki/core/includes/MediaWiki.php(248): SpecialPageFactory::executePath(Title, RequestContext)
#9 /var/www/wiki/mediawiki/core/includes/MediaWiki.php(672): MediaWiki->performRequest()
#10 /var/www/wiki/mediawiki/core/includes/MediaWiki.php(474): MediaWiki->main()
#11 /var/www/wiki/mediawiki/core/index.php(43): MediaWiki->run()
#12 {main}

Why is the config invalid? I'm confused

Details

SubjectRepoBranchLines +/-
Improve error message if check not defined for a password policy.mediawiki/coreREL1_26+9 -2
Improve error message if check not defined for a password policy.mediawiki/coremaster+9 -2
Customize query in gerrit

Event Timeline

Reedy created this task.Nov 16 2015, 8:41 PM
Reedy raised the priority of this task from to Needs Triage.
Reedy updated the task description. (Show Details)
Reedy added a project: MediaWiki-User-login-and-signup.
Reedy subscribed.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptNov 16 2015, 8:41 PM
gerritbot subscribed.Nov 16 2015, 8:47 PM

Change 253389 had a related patch set uploaded (by Reedy):
Improve error message if check not defined for a password policy.

https://gerrit.wikimedia.org/r/253389

gerritbot added a project: Patch-For-Review.Nov 16 2015, 8:47 PM
Reedy renamed this task from MinimalPasswordLengthToLogin === MinimalPasswordLength gives DomainException to Misconfigured password policy gives a bad error message.Nov 16 2015, 8:48 PM
Reedy removed a project: Patch-For-Review.
Reedy set Security to None.
gerritbot added a comment.Nov 16 2015, 8:55 PM

Change 253394 had a related patch set uploaded (by Reedy):
Improve error message if check not defined for a password policy.

https://gerrit.wikimedia.org/r/253394

gerritbot added a project: Patch-For-Review.Nov 16 2015, 8:55 PM
Reedy closed this task as Resolved.Nov 16 2015, 8:57 PM
Reedy claimed this task.

I typo'd. But the error messages weren't very good. So I improved them as the resolution for this bug :)

gerritbot added a comment.Nov 16 2015, 9:05 PM

Change 253389 merged by jenkins-bot:
Improve error message if check not defined for a password policy.

https://gerrit.wikimedia.org/r/253389

gerritbot added a comment.Nov 16 2015, 9:15 PM

Change 253394 merged by jenkins-bot:
Improve error message if check not defined for a password policy.

https://gerrit.wikimedia.org/r/253394

ReleaseTaggerBot added projects: MW-1.26-release, MW-1.27-release (WMF-deploy-2015-11-17_(1.27.0-wmf.7)), MW-1.27-release-notes.Nov 16 2015, 10:00 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL