#859: Account registration is disabled.
--------------------------+------------------------
Reporter: freshnewpage | Owner: nobody
Type: defect | Status: new
Priority: major | Product: BHD
Milestone: | Component: siteadmin
Version: | Resolution:
Keywords: |
--------------------------+------------------------
Description changed by freshnewpage:
Old description:
> The registration page is currently disabled:
>
> Visiting the page gives the following error:
>
> {{{
> Error: Not Found
> No handler matched request to /register
> }}}
>
> ===Steps to re-create===
> #. Visit
> https://live.bloodhound.apache.org/bloodhound/products/BHD/register
>
> Root cause:
> The registration page was intentionally disabled due to the volume of
> spurious sign-ups that were coming through.
>
> Desired outcome:
> Make necessary adjustments such that it is acceptable to leave site
> registration on.
>
> Possible solutions:
>
> Signups could be limited to "Apache Committers only" by installing an
> appropriate LDAP config into httpd. This would reduce the spam but the
> downside is that legitimate signups from non-Apache committers would be
> filtered out.
>
> Another idea is using an "email somebody an invite link" that could skip
> that authz/authn step. That would solve the problem. eg. LDAP
> restrictions on (making this up:) live.bh.a.o/signup/ and open for
> live.bh.a.o/invite/
> Potentially downside is volume of span invite requests that need to get
> dealt with by a human.
>
> reCapture style service integration would limit automated signups to
> prevent spam. This could be combined with above approaches.
New description:
The registration page is currently disabled:
Visiting the page gives the following error:
{{{
Error: Not Found
No handler matched request to /register
}}}
=== Steps to re-create ===
1. Visit
https://live.bloodhound.apache.org/bloodhound/products/BHD/register
=== Root cause ===
The registration page was intentionally disabled due to the volume of
spurious sign-ups that were coming through.
=== Desired outcome ===
Make necessary adjustments such that it is acceptable to leave site
registration on.
=== Possible solutions ===
*. Signups could be limited to "Apache Committers only" by installing an
appropriate LDAP config into httpd. This would reduce the spam but the
downside is that legitimate signups from non-Apache committers would be
filtered out.
*. Another idea is using an "email somebody an invite link" that could
skip that authz/authn step. That would solve the problem. eg. LDAP
restrictions on (making this up:) live.bh.a.o/signup/ and open for
live.bh.a.o/invite/
Potentially downside is volume of span invite requests that need to get
dealt with by a human.
*. reCapture style service integration would limit automated signups to
prevent spam. This could be combined with above approaches.
--
--
Ticket URL:
<https://live.bloodhound.apache.org/bloodhound/products/BHD/ticket/859#comment:3>
Bloodhound Live <https://live.bloodhound.apache.org/bloodhound>
