wso2 / product-apim

Welcome to the WSO2 API Manager source code! For info on working with the WSO2 API Manager repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
845 stars 785 forks source link

reCaptcha is not been validated when logging to devportal #12822

Closed nadiaguedess closed 2 years ago

nadiaguedess commented 2 years ago

Description:

I configured reCaptcha as described in the documentation. https://apim.docs.wso2.com/en/latest/install-and-setup/setup/security/logins-and-passwords/setting-up-recaptcha/ Changed deployment.toml with my keys and changed Identity Providers -> Resident -> Login Attempts Security -> reCaptcha for SSO Login -> Always prompt reCaptcha. However, although reCaptcha appears on the devportal login screen, it is not validated when logging in. If I try to log into devportal without checking the recaptcha box, I can log in without any problems.

Steps to reproduce:

1) Download wso2 API Manager version 3.2.0 or version 4.0.0 2) Start api manager wso2server.bat for version 3.2.0 or api-manager.bat for version 4.0.0 3) Stop api manager 4) Follow the steps described here: https://apim.docs.wso2.com/en/latest/install-and-setup/setup/security/logins-and-passwords/setting-up-recaptcha/ 5) Start api manager wso2server.bat for version 3.2.0 or api-manager.bat for version 4.0.0 6) Access https://localhost:9443/devportal and try to logging in do devportal without checkin reCaptcha

Affected Product Version:

3.2.0 4.0.0

Environment details (with versions):

nadiaguedess commented 2 years ago

solved here: https://github.com/wso2/product-apim/pull/12082