Issues with Ldap Authentication integration

Created on 23 September 2024, 7 months ago

Problem/Motivation

I'm trying to set some authentication exclusion rules. To do so, I'm setting the "Excluded Text Test" field on Ldap Authentication settings.
The problem is that this authentication restriction seems to work correctly only if the user doesn't have an account. If the user already has an account, ldap_sso will still login the user, ignoring the authentication settings.

In attachment you can see my debug messages where you can clearly see that ldap_sso takes care of my "test_intranet" user login then ldap_authentication result in a "User disallowed" message but ldap_sso still carries on with the login.

Steps to reproduce

- Set ldap and ldap sso.
- On admin/config/people/ldap/authentication "Excluded Text Test" field set an exclusion rule
- Try to login with an existing user containing the exclusion rule in it's DN.

Expected result: user is not logged in.
Actual result: user is logged in.

Proposed resolution

Test the authentication before logging in the user.

🐛 Bug report

Status

Active

Version

4.0

Component

Code

Created by

🇵🇹Portugal rutiolma

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @rutiolma
Comment 7 months ago →
🇵🇹Portugal rutiolma
I guess something like this would be enough to fix the issue.
Missing tests tho.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024