Using multiple auth providers results in all auth data being wiped for a user [simplesamlphp_auth]

Created on 1 April 2020, over 4 years ago

Updated 8 November 2023, about 1 year ago

On a site supporting external authentication from services other than SAML-based ones, a user account with an authmap record for a non-SAML provider will see that record wiped if user form is submitted with the "Enable this user to leverage SAML authentication" checkbox disabled. This is due to ExternalAuth/Authmap not supporting clearing of authmap records by both uid and provider, but just by uid.

A possible fix is being worked on at #3070335: Using multiple auth providers results in all auth data being wiped for a user → ; simplesamlphp_auth itself will also require an update once externalauth gets the proper support in place. The code to change is located at simplesamlphp_auth_user_form_submit() (.module file).

🐛 Bug report

Status

Fixed

Version

4.0

Component

Code

Created by

🇨🇴Colombia jedihe

Live updates comments and jobs are added and updated live.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment over 1 year ago →
🇭🇺Hungary czigor
#4 works for us too.

Since this is causing data loss, raising it to major.
Comment about 1 year ago →
System Message

Berdir → committed 31a968f6 on 4.x authored by jedihe →
Issue #3123959 by jedihe: Using multiple auth providers results in all...
Status changed to Fixed about 1 year ago4:25pm 8 November 2023
Comment about 1 year ago →
🇨🇭Switzerland berdir Switzerland
Committed to 4.x.
Comment 12 months ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024