Uploaded image for project: 'Openfire'
  1. Openfire
  2. OF-1735

"Orphan" user housekeeping

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 4.3.2
    • Fix Version/s: None
    • Component/s: Core
    • Labels:
      None

      Description

      Note: this issue is particularly prevalent with read-only user providers such as the LdapUserProvider, but the following contrived example shows how this can occur with the DefaultUserProvider:

      Steps to reproduce:

      1. With Openfire configured to use the DefaultUserProvider, create a user "testuser"
      2. Login as "testuser"
      3. Using direct SQL (e.g. with the DB Access plugin) delete the user directly from the database:

      DELETE FROM ofUser WHERE username = 'testuser'.

      This is to simulate a user being removed from an independent UserProvider, e.g. if LDAPUserProvider is in use and the user is removed from LDAP. 

      Expected results:

      • The user session is deleted.

      Actual results:

      • The user session remains until Openfire is restarted even though the user account no longer exists. Other indications that the user is present (e.g. private storage entries, user properties) will remain indefinitely.

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              gdt Greg Thomas
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated: