Self Service Login fails if one UserIdResolver is unavailable #219
Comments
|
Hi @countzero, thanks for reaching out to us and the detailed report! Indeed, this should not be the intended behaviour that you experienced. I am adding the issue to our product backlog to prioritise. Please note, that if you have an active support subscription, you can reach out to our support team directly via phone or the mail ticket system to receive direct support regarding your issue. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
The user login to the self service fails if one UserIdResolver is unavailable.
Steps to reproduce
Steps to reproduce the behavior:
LinOTP 3ActiveDirectory&OpenLDAPlocalwith both UserIdResolversSelf Servicefor the realm and both UserIdResolversOpenLDAP(via networking or misconfiguration)/selfserviceActiveDirectory/var/log/linotp/linotp.logExpected behavior
The user authentication should work if its containing source is available.
The LinOTP system should be resilient against partial outages of secondary systems it is attached to.
Screenshots
Environment
The environment in which the bug can be reproduced:
Additional context
Policy Configuration
curl \ --insecure \ --cookie "access_token_cookie=${access_token_cookie}" \ --header "X-CSRF-TOKEN: ${csrf_access_token}" \ --data-urlencode "name=Self Service" \ --data-urlencode "user=ActiveDirectory:,OpenLDAP:" \ --data-urlencode "action=disable, resync, reset, webprovisionGOOGLEtime" \ --data-urlencode "scope=selfservice" \ --data-urlencode "realm=local" \ --data-urlencode "time=* * * * * *;" \ --data-urlencode "client=*" \ --data-urlencode "active=True" \ https://localhost:5000/system/setPolicyThe text was updated successfully, but these errors were encountered: