User Created with Incorrect Email

  • Good Afternoon,

    We have a site successfully using the Authorizer plugin for CAS authentication.

    A copy of that site was moved over to a new hosting solution, all of the Authorizer settings remain the same. When a user attempts to login on the new site, rather than log them in with their existing account, a new account is created with the domain appearing twice in their email address. For example: “[email protected]@domain.com”

    WordPress: 6.4.2
    PHP: 8.1
    Authorizer: 3.6.3.1

    Any assistance in troubleshooting this matter would be greatly appreciated.

    Thank you!

Viewing 1 replies (of 1 total)
  • Plugin Author Paul Ryan

    (@figureone)

    That’s really strange. My best guess is there’s an issue with PHP on the new server.

    When Authorizer processes a CAS login, it tries to fetch the email address from the appropriate CAS attribute. It then checks if it’s a valid email address (since some folks point this to a username field), and if it’s not valid, then Authorizer appends @domain.com from the TLD of the CAS server itself in an attempt to guess the proper email address:

    https://github.com/uhm-coe/authorizer/blob/master/src/authorizer/class-authentication.php#L862-L868

    It sounds like your server is failing the email check when it shouldn’t. Can you check on the issues mentioned in this thread and see if they may apply to you? That person had a corrupt pcre2 library that was causing the filter_var() call to fail on valid email addresses:

    https://github.com/php/php-src/issues/11210

Viewing 1 replies (of 1 total)
  • The topic ‘User Created with Incorrect Email’ is closed to new replies.