My site has a significant number of users which are generated on login from SAML. 99% of these users do not need to be stored long term, so I've been working on a scheduler to delete the users. The users are recreated at next login, however, they're hitting a 404 error on login. Reloading the page resolves the error. This does not happen to users who have never existed on the site.
Is there a difference in the creation of brand new users and previously deleted users? Do I need to delete subnodes of the user first? This error happens when users are deleted through the admin or through the scheduler.
The URL is being rewritten to remove /content/site in Apache, which I do not manage. We are running 6.5.10 with MongoDB and a dispatcher. I can confirm that the dispatcher settings have "X-Forwarded-Port" in the header. I cannot at this time confirm the Apache HTTPD configuration and have not gotten access to the dispatcher log file.
These are the only logs I've found in the error log that could be related, but I can't find much information on any of them.
16.11.2021 16:01:02.493 INFO [qtp516133437-31279] org.apache.sling.auth.core.impl.SlingAuthenticator getAnonymousResolver: Anonymous access not allowed by configuration - requesting credentials 16.11.2021 16:01:02.504 WARN [qtp516133437-31279] org.apache.sling.auth.core.AuthUtil isRedirectValid: Redirect target must not be empty or null
6.11.2021 17:19:14.801 INFO [172.19.114.4  GET /content/site/home.html HTTP/1.1] org.apache.sling.engine.impl.SlingRequestProcessorImpl service: Resource /content/site/en/home.html not found
Are you removing users from group as well before deleting. If you don't delete then group still have the weak reference of the existing user and later if it is added again if user is present. I am not sure if this has any impact of permission when user is created again and user get 404 because of permission issue but with reload works because user is part of the group.
I am not sure but worth to check.
That is a good thought which I hadn't tried, but I've just tested removing the users from the groups prior to deletion and I'm still getting the 404 error on initial login.