Fixes #24749: Disabled LDAP users can still login and use Rudder #5615

@clarktsiory clarktsiory commented Apr 18, 2024

https://issues.rudder.io/issues/24749

Authentication validation should be the same as with "file" or "OIDC": call loadUserByUsername, which takes into account the user status from the database to refuse authentication of disabled users.

There is a slight change in behavior: for LDAP users who were not found in the "users.xml" file, we proceeded with a successful login but with no rights. Now, we fail at the login step. It is more consistent with the behavior for disabled users from "file" or "OIDC" backends.
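
The check described in the comment above, sketched as an added example that is not code from this PR or from Rudder. It assumes a Spring Security LDAP setup, a hypothetical class name `StatusCheckingContextMapper`, and a `UserDetailsService` whose returned `UserDetails` reports `isEnabled = false` for disabled accounts.

```scala
import java.util.{Collection => JCollection}
import org.springframework.ldap.core.{DirContextAdapter, DirContextOperations}
import org.springframework.security.authentication.AccountStatusUserDetailsChecker
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.userdetails.{UserDetails, UserDetailsService}
import org.springframework.security.ldap.userdetails.UserDetailsContextMapper

// Hypothetical mapper (the name is an assumption). It runs after the LDAP bind
// has succeeded and resolves the account through the same UserDetailsService
// that the other backends use, so the local user status decides the outcome.
class StatusCheckingContextMapper(localUsers: UserDetailsService)
    extends UserDetailsContextMapper {

  // Throws DisabledException, LockedException, AccountExpiredException or
  // CredentialsExpiredException when the corresponding flag is false.
  private val statusChecker = new AccountStatusUserDetailsChecker()

  override def mapUserFromContext(
      ctx:         DirContextOperations,
      username:    String,
      authorities: JCollection[_ <: GrantedAuthority]
  ): UserDetails = {
    // Throws UsernameNotFoundException when the LDAP user is unknown locally:
    // the login fails instead of succeeding with no rights.
    val user = localUsers.loadUserByUsername(username)
    // A valid LDAP password is not enough: a disabled account is refused here.
    statusChecker.check(user)
    user
  }

  // This sketch only reads users; nothing is written back to the directory.
  override def mapUserToContext(user: UserDetails, ctx: DirContextAdapter): Unit =
    throw new UnsupportedOperationException("read-only mapper")
}
```

Both exceptions are `AuthenticationException` subclasses, so the provider reports them as a failed login rather than an authenticated session.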

@clarktsiory clarktsiory requested a review from fanf April 18, 2024 13:15
@clarktsiory

PR updated with a new commit

@clarktsiory clarktsiory marked this pull request as draft April 18, 2024 13:53
@clarktsiory clarktsiory marked this pull request as ready for review April 18, 2024 15:19

@fanf fanf left a comment

Works as expected 👍

@Normation-Quality-Assistant

This PR is not mergeable to upper versions.
Since it is "Ready for merge" you must merge it by yourself using the following command:
rudder-dev merge https://github.com/Normation/rudder/pull/5615
-- Your faithful QA
Kant merge: "Two things awe me most, the starry sky above me and the moral law within me."
(https://ci.normation.com/jenkins/job/merge-accepted-pr/83458/console)

@clarktsiory

OK, squash merging this PR

@clarktsiory clarktsiory force-pushed the bug_24749/disabled_ldap_users_can_still_login_and_use_rudder branch from 1e4e7ab to f6e2252 Compare April 18, 2024 16:06
@clarktsiory clarktsiory merged commit f6e2252 into Normation:branches/rudder/7.3 Apr 18, 2024
8 of 15 checks passed