User is not being created

[jimorillo]

Hi, I am trying to login using this plugin but thought it authenticates with the mailbox server, the user is not being created and I get this error.

Warning You cannot access the private section of this site.

I think it is because the user is not being registered at all. I have tried using the plugin with "Allow User Registration" On and Off with no results.

Thanks for any help you could bring.

[kevinoid]

Hello. Sorry about the issue, I'll see what I can do to help.

First, could you gather some additional information? What version of Joomla are you using? I assume you are using the most recent version of the auth-mailbox plugin (v1.0.7), correct? Are you certain that the user is not being created? My recollection is that the error message you were receiving is the one displayed to users who are not administrators attempting to access the administrative area. Is it possible that the user was created but has not yet been promoted to an administrator?

Thanks!

[jimorillo]

Hi, thanks for fast reply

1. Joomla version is 3.3.3,
2. Plugin Version is 1.0.7
3. The new user is not appearing on the registered Users section of Joomla
4. Yes, the error is from an area only for registered users but not administrative, which makes me think that there is something affecting new users.

[jimorillo]

Hi,

I've been testing during the weekend but I can't seem to get why the user is not being created when mailbox authentication is successful.

Thanks for the wonderful plugin and help provided.

[kevinoid]

Hi @jimorillo,

Thanks for following up and trying to track down the issue. Sorry I have been so slow to get this sorted out. I think it is an issue with recent versions of Joomla, since I recently received an email describing a similar issue also using Joomla 3.3. I will dig in with more testing and see if there was a recent change to user authentication that needs to be integrated into the plugin. Unfortunately, I'm a bit pressed for time so it may take me a little while to get this done. But I'm on it.

[ghost]

I went through some of the same struggles when trying to get it going myself a year ago. Here are my suggestions:

1: Check your plugins and be sure that Authentication - Mailbox is before Authentication - Joomla. My order is: Cookie, Mailbox then Joomla 2: Under Users > User Configuration. Turn off "Allow User Registration" , "Send Password" and be sure you have them in the correct New User Registration Group. Also set "New User Account Activation" to self

On 09/16/2014 07:50 AM, jimorillo wrote:

Hi,

I've been testing during the weekend but I can't seem to get why the user is not being created when mailbox authentication is successful.

Thanks for the wonderful plugin and help provided.

— Reply to this email directly or view it on GitHub https://github.com/kevinoid/auth-mailbox-joomla/issues/9#issuecomment-55736947.

[jimorillo]

Thanks for the info but it did not worked. maybe is the bug that kevinoid mentioned

[ghost]

@jimorillo, Hopefully Kevin will come up with a fix. I am getting ready to upgrade to Joomla 3.3 and ran a test upgrade on the test server and it did work by creating new users. @kevinoid if it helps I am on Centos 6.5 with php 5.4 and mysql (would have to check the version). I had upgraded both php and Joomla at the same time.

[kevinoid]

@mgdale, thanks that's good information to have! And good suggestions for things to try! I haven't been able to replicate the issue yet, but I'm sure I'll figure it out soon (or at least provide an updated version that can produce more debugging information).

[kevinoid]

I finally got a chance to do some testing of 3.3 and I've been unable to reproduce the symptoms you describe. I'm still not sure what is going on.

After re-reading your description, could you clarify how you know that "it authenticates with the mailbox server"? Is that from the mail server logs or from the Joomla logs or a behavior of the Joomla site that you are observing?

I've created version 1.0.8 which adds some DEBUG-level logging around the imap_open calls to help diagnose the issue and confirm whether the plugin is properly authenticating the user. If you have a chance, could you try testing with 1.0.8?

Unfortunately, the only way that I am aware of to cause Joomla! to save or display DEBUG-level messages is to enable the "Debug System" setting in Global Configuration -> System, which also has the effect of printing debug information at the bottom of all pages. If this is not practical for your system, let me know and we can work out something else. Otherwise, after installing 1.0.8, try enabling "Debug System", then try authenticating with a Mailbox user, then search logs/jcomponent.php for any occurrences of imap_open or Mailbox authentication let me know what you find.

Thanks, Kevin

[jimorillo]

Thank you. I will update and test since the site is not public yet.

I think that it authenticates with the server because when I log in as an Administrator I get an error with the following message Error

Authentication to mailbox server failed: Can not authenticate to POP3 server: Authentication failure: unknown user name or bad password.

I also tested some other sites that needs the mail server authentication and worked.

I will let you know ASAP with the results and I already read some of the users recommended settings for the plugin but can you specify, how the site settings need to be so the plugin functions properly?

Thank you and really sorry for any unconvinience

On Sun, Sep 21, 2014 at 8:57 PM, Kevin Locke notifications@github.com wrote:

I finally got a chance to do some testing of 3.3 and I've been unable to reproduce the symptoms you describe. I'm still not sure what is going on.

After re-reading your description, could you clarify how you know that "it authenticates with the mailbox server"? Is that from the mail server logs or from the Joomla logs or a behavior of the Joomla site that you are observing?

I've created version 1.0.8 which adds some DEBUG-level logging around the imap_open calls to help diagnose the issue and confirm whether the plugin is properly authenticating the user. If you have a chance, could you try testing with 1.0.8?

Unfortunately, the only way that I am aware of to cause Joomla! to save or display DEBUG-level messages is to enable the "Debug System" setting in Global Configuration -> System, which also has the effect of printing debug information at the bottom of all pages. If this is not practical for your system, let me know and we can work out something else. Otherwise, after installing 1.0.8, try enabling "Debug System", then try authenticating with a Mailbox user, then search logs/jcomponent.php for any occurrences of imap_open or Mailbox authentication let me know what you find.

Thanks, Kevin

— Reply to this email directly or view it on GitHub https://github.com/kevinoid/auth-mailbox-joomla/issues/9#issuecomment-56319263 .

[kevinoid]

It's no bother at all. I'm sure other users have experienced similar problems and either given up or moved to a different plugin. I appreciate you taking the time to submit the issue and help track it down.

As far as I know, the only settings that should be required are for the plugin to be enabled (in the Plugin Manager it should have a green checkmark) and, as @mgdale noted, the authentication ordering can be important (Mailbox should be near the top to be tried before other mechanisms) and the User Configuration can be important for prohibiting new user registration and ensuring new users are in the correct group for your site, but shouldn't affect how the plugin works directly. Beyond that, the only configuration which should be important is the plugin configuration, which depends on your mail server.

If it turns out that other configuration is important, it will be good to know and I will update the documentation to make note of it.

[ghost]

Be sure your admin username does not have a mailbox. I tried this and it did not work. The admin must be auth'ed via the Joomla system and not external. So the order of the plugins must be:

Auth - Cookie Auth - Mailbox Auth - Joomla

[jimorillo]

Sorry I've been lost so much time. I started again testing this issue and trying to solve it. I have found the jcontroller.log.php file and haven't seen any error posts. This is the log of every login y try on the site.

2014-10-14T16:08:49+00:00 DEBUG - Attempting Mailbox authentication using imap_open('{domain-sever-port/service=pop3/ssl/validate-cert}', 'user-email', *, 0x0, 1) 2014-10-14T16:08:52+00:00 DEBUG - Successfully authenticated user-email via Mailbox authentication

There is any error indication of user creation in it though Create Users is marked as Yes.

[jimorillo]

Finally found my issue - sat down with a cup of coffee, read the code and did not find any code to create users so I added custom code for the function after reading some joomla tutorials (which gave me some headache) . I'll add the code, is kind of ugly but not a fan of developing on joomla. I think that I used some unnecessary fields and since the system is authenticating with other server password is not required.

$mainframe =& JFactory::getApplication('site');
            $mainframe->initialise();
            $user = clone(JFactory::getUser());
            $pathway = & $mainframe->getPathway();
            $config = & JFactory::getConfig();
            $authorize = & JFactory::getACL();
            $document = & JFactory::getDocument();

            $responses = array();
            $usersConfig = &JComponentHelper::getParams( 'com_users' );

            $db = JFactory::getDBO();
            $defaultUserGroup = 2;

            $db->setQuery("SELECT id FROM #__users WHERE email='$email'");
            $db->query();
            $newUserID = $db->loadResult();

            $user = JFactory::getUser($newUserID);

             if ($user->id == 0)
             {                   
                 if($usersConfig->get('allowUserRegistration') == '1')
                 {
                     jimport('joomla.application.component.helper');

                        //$useractivation = $usersConfig->get('useractivation');

                        $db = JFactory::getDBO();
                        // Default group, 2=registered
                        $defaultUserGroup = 2;

                        $acl = JFactory::getACL();

                        jimport('joomla.user.helper');
                        $salt     = JUserHelper::genRandomPassword(32);
                        $password_clear = $credentials['password'];

                        $crypted  = JUserHelper::getCryptedPassword($password_clear, $salt);
                        $password = $crypted.':'.$salt;
                        $instance = JUser::getInstance();
                        $instance->set('id'         , 0);
                        $instance->set('name'           , $credentials['username']);
                        $instance->set('username'       , $credentials['username']);
                        $instance->set('email'          , $credentials['username']);
                        $instance->set('usertype'       , 'deprecated');
                        $instance->set('groups'     , array($defaultUserGroup));
                        // Here is possible set user profile details
                        //$instance->set('profile'    , array('gender' =>  $gender));
                        $instance->save();
                 }
             }

[kevinoid]

Thanks for taking the time to write out the necessary code for a workaround @jimorillo. I'm sorry it has taken me so long to respond and to move on the issue.

I was able to reproduce the Warning: You cannot access the private section of this site. message and tracked it down to an autoregistration failure. In my case autoregistration was failing because the username with the configured domain appended did not pass Joomla's internal email address validation, causing the user creation to fail.

Looking back through this issue, I suspect autoregistration may have been the underlying cause of your issue as well. I know old versions of Joomla rejected hyphens in usernames, which could have caused the name user-email to fail during autoregistration. Luckily that shouldn't be an issue anymore.

Do you know if your additional code for user creation is required for current versions of Joomla? If it is, or if you (or anyone else) runs into a similar error message and the user does not appear in User Management after successful login, you can check if this is the cause by changing the log statement at plugins/user/joomla/joomla.php:364 to read:

JLog::add('Error in autoregistration for user ' . $user['username'] . ': ' . $instance->getError() . '.', JLog::WARNING, 'jerror');

Changing 'error' to 'jerror' will cause the error to be displayed to the user and adding $instance->getError() will get the error which occurred during the user save attempt. Feel free to reopen this issue or create another one with the additional warning information.

I think the issue is solved for current versions of Joomla and the auth-mailbox plugin, but if not please feel free to reopen the issue.