If the user has enabled the ability to create a user from the login page in hpi and has configured OC to allow for users to be created without a ticket, we face a security risk of overloading the system with create user requests. One potential fix would be to require all users to verify their email before actually creating the user.
See OC commit 16558 for the action that creates users in Alfresco without a ticket
If the user has enabled the ability to create a user from the login page in hpi and has configured OC to allow for users to be created without a ticket, we face a security risk of overloading the system with create user requests. One potential fix would be to require all users to verify their email before actually creating the user.
See OC commit 16558 for the action that creates users in Alfresco without a ticket