You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the data for a user is refreshed when sssd performs the authentication step, which makes sure you don't perform any security sensitive decisions on stale data. Unfortunately you get problems if you authenticate by other means and only use sssd for access control. In those cases sssd will not refresh data and changes to access permissions could take 90 minutes to take effect (with a default configuration).
sssd should be changed so that doing only access control also acts on up to date data.
Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/749
Currently the data for a user is refreshed when sssd performs the authentication step, which makes sure you don't perform any security sensitive decisions on stale data. Unfortunately you get problems if you authenticate by other means and only use sssd for access control. In those cases sssd will not refresh data and changes to access permissions could take 90 minutes to take effect (with a default configuration).
sssd should be changed so that doing only access control also acts on up to date data.
Comments
Comment from sgallagh at 2010-12-22 16:09:30
Fields changed
component: SSSD => PAM
milestone: NEEDS_TRIAGE => SSSD 1.5.0
owner: somebody => sgallagh
status: new => assigned
tests: 0 => 1
Comment from sgallagh at 2011-01-03 14:07:23
Fixed by c71ff1e
resolution: => fixed
status: assigned => closed
Comment from ossman at 2011-01-24 20:29:25
Confirmed working.
(a bit late, but for posterity :))
upgrade: => 0
Comment from dpal at 2012-01-19 03:02:02
Fields changed
rhbz: => 0
Comment from ossman at 2017-02-24 14:24:11
Metadata Update from @ossman:
The text was updated successfully, but these errors were encountered: