Shibboleth configuration shows side effect on password authentication #9074
Labels
authentication: password
Related to default password-based authentication
authentication: Shibboleth
Related to authentication via Shibboleth
bug
Milestone
Describe the bug
If you configure a default role in Shibboleth via authentication-shibboleth.default-roles, this also applies to password authentication and the user authenticated via self-registration and password login then also ends up in the group assigned to this default role.
To Reproduce
authentication-shibboleth.cfg:
authentication-password.cfg:
authentication-password.login.specialgroup = group2
authentication.cfg:
A user who has created himself via self-registration and logs in with his password will subsequently end up in both groups: group1 and group2
Expected behavior
authentication-shibboleth.default-roles should only take effect if a login actually takes place via Shibboleth.
The text was updated successfully, but these errors were encountered: