User Security Management Plugin

Added by Dan Hardiker, last edited by Jonathan Nolen on Jun 19, 2008  (view change)
This plugin is not designed for and has not been tested against external user management systems. This is intended to extend and enhance the basic internal user management options that Confluence offers out of the box
Name User Management Plugin
Vendor Adaptavist.com Ltd (Website)
Authors Dan Hardiker
Homepage http://confluence.atlassian.com/display/CODEGEIST/User+Security+Management+Plugin
Issue Management n/a
Categories Admin Macros
Version 1.0.2
Availability Confluence v2.7 to v2.10-m1
State Stable
Support Unsupported Plugins
License Freeware / Open Source (BSD)
Price Donate
Release Docs http://confluence.atlassian.com/display/CODEGEIST/User+Security+Management+Plugin
Java API Docs n/a
Download Source http://svn.atlassian.com/svn/public/contrib/confluence/user-management-plugin/tags/1.0.2/
Download JAR user-management-plugin-1.0.2.jar

Quote from the Author

Dan Hardiker says:

My "let's hack Confluence up" plugin last year was Scriptix - this year it's the user management plugin, which attempts to do it's best to work around XWork/Seraph Interceptors not being pluggable. Well, it works – just about!

Enjoy.

Description/Features

An enhancement for the Confluence user management system, to prompt better security practices - including email verification and admin vetting of signups.

This has been a long awaited feature strongly desired by enterprises who want to be able to please their security guys without having to integrate the proof-of-concept Confluence roll out with their cumbersome external user management systems. The issue of spammers creating accounts where public signup is enabled has also come up several times in our experience, even with CAPTCHA on.

The main features of this plugin are (all independently configurable):

Better Password Control

  1. A raft of password strength/complexity options
  2. Password expiry (so you can make sure your users change their password every x days)
  3. Password history lists (so you can make sure your user's don't change to a password they've used in the last x)
  4. Password minimum change (so you can enforce a password change only once a day)

Account Locking
If a user enters their password incorrectly x times then they can be locked out of the system (their password is changed and they have to use the forgotten password functionality, or contact an admin).

Better Login
You can hide the "remember me" functionality (helps combat CSRF as well as malicious access while you are AFK) and disable browser auto-complete functionality on the login form.

End User Agreements
You can now please your legal department and display the desired "unauthorised access is prohibited and will be met with the full extent of the law" or "the content in this system is classified as level x" messages to your users during login and sign up.

Forgotten Password Restrictions
If you have a paranoid nature, then you may wish to disable the forgotten password systems for certain groups of users (e.g. administrators). After all, if someone's email client has been breached, you certainly don't want to give a hacker access simply by allowing a new password to be emailed out.

The list of groups can either be a white list or a black list (defaulting to the latter).

Sign-up Email Filtering
You can set a list of regular expressions to form either a white list or a black list (defaulting to the latter) of email addresses that can be used. This is very useful for either only allowing those with email addresses from areas you want to sign up, or for filtering out people using free email accounts - while still allowing public sign up with no manual intervention.

Sign-up Admin Approvals and Email Verification
This has been a long awaited feature request - you can now make users wait for an email to come in and to click the link in it, and have an Administrator approve the sign up request before the user is ever created.

Use can use both features together, or one without the other.

Sensible Defaults
When you first install the plugin, all the options are disabled and you must enable each feature you want. It also cleanly uninstalls returning your system to how it was if you wish to revert. This is to ensure that you can install it safely and uninstall it if you don't want it any more.

Usage

  1. Install via the plugin repository, or manually.
  2. Select "configure" against the plugin, or the "Adaptavist User Management" option in on the bottom of the Admin console left-hand menu (you may need to refresh the repository to see it).

The options should be self explanitory, but let me know if you're not sure what any of the controls do and I'll try to split them up a bit better.

There is a page where you can see the users waiting for approval.

Version History

Version Date State License Price
Show description 1.0-SNAPSHOT (#1) 16 Apr 2008 Stable Freeware / Open Source (BSD) Donate

Release Notes

The initial release

Contributors

Show description 1.0.1 (#2) 25 Apr 2008 Stable Freeware / Open Source (BSD) Donate

Release Notes

Fixing some bugs, and adding view user enhancements to unlock users and force password changes.

Contributors

Show description 1.0.2 (#3) 25 Apr 2008 Stable Freeware / Open Source (BSD) Donate

Release Notes

Detecting validation when logged in, when the user has already been approved.

Contributors

Screenshots

Screenshots
There are no images attached to this page

Other Adaptavist Entries

Attachment Download Plugin — Adds a servlet so you can download attachments from a page without needing to know the ID.
Custom News — An alternative to Confluence's blog posts macro to aid with customisation
Developer Report Plugin — Primarily as a proof of concept, this plugin shows what I've found you can do with FishEye plugins – hopefully this will help and encourage more developers to dive in and see what they can do.
Insert Picture Plugin — A in-place image management widget for Confluence to help with image attachment manipulation
JIRA Visitor Plugin — If you've ever found yourself commenting simultaneously as someone else with the same information, or been faced with the dreaded "workflow has already changed" message, or just thought "I wonder if anyone else is viewing this issue right now" - then this is for you.
Plugin Message Client — A library which when included as an extracted dependancy will allow java communication between the classloaders of the installed plugins
Ranking Macro — Yet another macro for voting/rating/ranking pages, this one is uniquely different to the others by providing a macro for ranking pages with a 'was this page useful' style approach, tracking only positive answers
Statistical Analysis Plugin — Confluence has lacked a cluster-ready, enterprise scaleable, remotely accessible statistically gathering and analysis plugin ... not any more!
Synonym Plugin — A search extractor for Confluence to inject synonyms for acronyms, words or phrases into the index to aid with searching
User Security Management Plugin — An enhancement for the Confluence user management system, to prompt better security practices - including email verification and admin vetting of signups

Labels

codegeist_2008_vendor_adaptavist codegeist_2008_vendor_adaptavist Delete
codegeist_2008_confluence codegeist_2008_confluence Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.

Comments (17)

 

  1. Apr 20

    Dan Hardiker says:

    Jon Nermut suggested

    Jon Nermut suggested:

    The subconf plugin does this in the init method of a component to add a login interceptor to seraph:

    // install our login interceptor
// this is pretty crazy that a plugin can do this
SecurityConfigImpl sci = (SecurityConfigImpl) SecurityConfigFactory.getInstance();
sci.addInterceptor(new SubconfLoginInterceptor());

    You need to implement com.atlassian.seraph.interceptor.LoginInterceptor

  2. Apr 20

    Stephan Janssen says:

    Your email address has been successfully validated. Your user is now approved...
    • Your email address has been successfully validated.
    • Your user is now approved and you can proceed to login.

    Is displayed on a themed confluence page. It would be nice if "proceed to login" would actually be a link to the login page ! Thanks in advance

    1. Apr 22

      Dan Hardiker says:

      This is done in v1.0.1

      This is done in v1.0.1

  3. Apr 20

    Stephan Janssen says:

    BTW It seems to work on Confluence 2.5.4 as well !

    BTW - It seems to work on Confluence 2.5.4 as well !

    1. Apr 20

      Dan Hardiker says:

      Excellent, I'll modify the repository metadata next time I'm editing it.

      Excellent, I'll modify the repository metadata next time I'm editing it.

  4. Apr 20

    Stephan Janssen says:

    When I click on the email to confirm the email notification and log in with the ...

    When I click on the email to confirm the email notification and log in with the new user, I get the following error :

    The following error(s) occurred:

    • There was an error while trying to validate your email address.

    However the user is logged in correctly...

  5. Apr 20

    Stephan Janssen says:

    The HTML title for the login page is incorrect and shows the fully qualified plu...

    The HTML title for the login page is incorrect and shows the fully qualified plugin name instead.

    1. Apr 22

      Dan Hardiker says:

      Fixed in 1.0.1.

      Fixed in 1.0.1.

  6. Jun 09

    Bruno Duarte says:

    Does the "Signup Email Filtering" filter by repeated mail address? I.e, reject m...

    Does the "Sign-up Email Filtering" filter by repeated mail address? I.e, reject mail address if already exists a registered user with that address..

    1. Jun 11

      Dan Hardiker says:

      No, but this is a feature that I'm resolving in a separate plugin (we need it as...

      No, but this is a feature that I'm resolving in a separate plugin (we need it as we have 2x JIRA and 1x Confluence systems all Crowded together, and we need to ensure that they only sign up one per email address).

  7. Jul 02

    Robert Manna says:

    Maybe I'm just being an idiot, but how do I get the email filter to work correct...

    Maybe I'm just being an idiot, but how do I get the e-mail filter to work correctly? I suspect I'm screwing up the sytax of the regular expression. Since I'm not a programmer that may have something to do with it. What is the sytax I should use? Also, I want to only accept e-mail addresses from a specific domain, and exclude all others.

    Thanks,

    -R

    1. Aug 20

      martin says:

      i also have the problem with the email filter. Do we have to use regexpression ?...

      i also have the problem with the email filter. Do we have to use reg-expression ?
      I have tried, but it didnt work.

      Can somebody give us examples ??

      THANK YOU
      Martin

  8. Jul 03

    Jeff Wilbert says:

    Awesome plugin! thanks! A few requests Hopefully easy Ability to edit added r...

    Awesome plugin! thanks!

    A few requests – Hopefully easy

    • Ability to edit added regular expressions
      • This would also then allow one to copy the text of the regular expression to share it or make modifications.
    • Ability to name regular expressions
      • Sometimes it's hard to remember what exactly the expression does
    • An organization field under account creation
      • We only create accounts for customers who can be all over the world, and this would make it much easier to verify that the person works for one of our customers
    • Ability to select which groups a user is added to on creation
      • When the admin approves, it would be nice to have a drop down, or pop up screen to select custom groups

    Possible bugs

    • I can't seem to customize the validation e-mail
      • I fill in the desired information, however the sent e-mail doesn't reflect it.
    • When a user is awaiting Admin Authorization, they can log in to see the current status, however the word Authorisation is misspelled with an s instead of a z

    Again – awesome plugin, thanks!

    1. Aug 26

      Bruce Michelsen says:

      Assigning groups to an account right after giving admin admin approval is a grea...

      Assigning groups to an account right after giving admin admin approval is a great idea.

  9. Aug 26

    Bruce Michelsen says:

    Is it possible to have a notification sent to an email address so the administra...

    Is it possible to have a notification sent to an email address so the administrator knows there are accounts awaiting approval?

  10. Aug 28

    Bruce Michelsen says:

    Info The Admin Approved (needs email validation) Email is sent when the adminis...

    Info

    • The Admin Approved (needs email validation) Email is sent when the administrator clicks the Admin Approved button in Users Waiting before the person signing up clicks the Email Validation link in the email sent to them.
    • The administrator can also validate the email address in User Waiting.
    • By default, the Forgotten Password Groups box excludes the selected groups from being sent their password. So select just the confluence-administrators, if you want to exclude this group. As other groups are created, they are included by default.

    Bugs

    • Minimum Length with a zero value isn't allowing a signup with an empty password.
    • Maximum Login Attempts doesn't get applied immediately. I set the value to 3, then attempted to login to an account with the wrong password more than 3 times. Nothing happened to prevent me from continuing to login. Later (after server restart?), someone else logging in had their account locked.
    • The Validation Email that is sent to the person signing up does not include the content specified in the Configuration.

  11. Sep 01

    Eric Dalquist says:

    I'm not sure if there is a better place to report issues. I just tried this plug...

    I'm not sure if there is a better place to report issues. I just tried this plugin on a Confluence 2.9 install that uses Crowd for external auth and I get the following error message when trying create a new account. I only have email verification and admin approval turned on:

    java.lang.RuntimeException: java.lang.NoSuchMethodError: com.adaptavist.confluence.userManagement.modules.MgmtSignupAction.getCaptchaId()Ljava/lang/String;
	at com.atlassian.xwork.interceptors.XWorkTransactionInterceptor.intercept(XWorkTransactionInterceptor.java:115)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.opensymphony.xwork.DefaultActionProxy.execute(DefaultActionProxy.java:115)
	at com.opensymphony.webwork.dispatcher.ServletDispatcher.serviceAction(ServletDispatcher.java:229)
	at com.opensymphony.webwork.dispatcher.ServletDispatcher.service(ServletDispatcher.java:199)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)
	at com.atlassian.confluence.util.profiling.ProfilingPageFilter.parsePage(ProfilingPageFilter.java:153)
	at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:54)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.confluence.jmx.JmxFilter.doFilter(JmxFilter.java:109)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.core.filters.ServletContextThreadLocalFilter.doFilter(ServletContextThreadLocalFilter.java:21)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.confluence.util.LoggingContextFilter.doFilter(LoggingContextFilter.java:49)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.confluence.util.UserThreadLocalFilter.doFilter(UserThreadLocalFilter.java:44)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:192)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.seraph.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:120)
	at com.atlassian.confluence.util.AbstractBootstrapHotSwappingFilter.doFilter(AbstractBootstrapHotSwappingFilter.java:28)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:125)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.confluence.util.ClusterHeaderFilter.doFilter(ClusterHeaderFilter.java:35)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.johnson.filters.AbstractJohnsonFilter.doFilter(AbstractJohnsonFilter.java:72)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at org.springframework.orm.hibernate.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:170)
	at com.atlassian.spring.filter.FlushingSpringSessionInViewFilter.doFilterInternal(FlushingSpringSessionInViewFilter.java:29)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.util.profiling.filters.ProfilingFilter.doFilter(ProfilingFilter.java:142)
	at com.atlassian.core.filters.ProfilingAndErrorFilter.doFilter(ProfilingAndErrorFilter.java:27)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.confluence.core.datetime.RequestTimeThreadLocalFilter.doFilter(RequestTimeThreadLocalFilter.java:34)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.confluence.util.RequestCacheThreadLocalFilter.doFilter(RequestCacheThreadLocalFilter.java:25)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:94)
	at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:64)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.core.filters.AbstractEncodingFilter.doFilter(AbstractEncodingFilter.java:33)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
	at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
	at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
	at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
	at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
	at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
	at java.lang.Thread.run(Thread.java:619)
Caused by: java.lang.NoSuchMethodError: com.adaptavist.confluence.userManagement.modules.MgmtSignupAction.getCaptchaId()Ljava/lang/String;
	at com.adaptavist.confluence.userManagement.modules.MgmtSignupAction.execute(MgmtSignupAction.java:75)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:168)
	at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.adaptavist.confluence.userManagement.xwork.AfterLoginInterceptor.intercept(AfterLoginInterceptor.java:42)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.opensymphony.xwork.interceptor.DefaultWorkflowInterceptor.intercept(DefaultWorkflowInterceptor.java:55)
	at com.atlassian.confluence.core.ConfluenceWorkflowInterceptor.intercept(ConfluenceWorkflowInterceptor.java:35)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.confluence.security.interceptors.CaptchaInterceptor.intercept(CaptchaInterceptor.java:46)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.confluence.util.LoggingContextInterceptor.intercept(LoggingContextInterceptor.java:48)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.confluence.core.CancellingInterceptor.intercept(CancellingInterceptor.java:23)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.confluence.security.actions.PermissionCheckInterceptor.intercept(PermissionCheckInterceptor.java:54)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.confluence.pages.actions.CommentAwareInterceptor.intercept(CommentAwareInterceptor.java:43)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.confluence.pages.actions.PageAwareInterceptor.intercept(PageAwareInterceptor.java:120)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.confluence.spaces.actions.SpaceAwareInterceptor.intercept(SpaceAwareInterceptor.java:67)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.confluence.core.actions.LastModifiedInterceptor.intercept(LastModifiedInterceptor.java:39)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.confluence.core.ConfluenceAutowireInterceptor.intercept(ConfluenceAutowireInterceptor.java:25)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
	at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
	at com.atlassian.xwork.interceptors.XWorkTransactionInterceptor.intercept(XWorkTransactionInterceptor.java:97)
	... 77 more