-
Notifications
You must be signed in to change notification settings - Fork 274
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
authentication sources: Do not "match" a rule if "requested" action if not configured in it #1858
Comments
This is how it works now. |
Not as per a test I just did |
can you attach the authentication.conf that created that problem. |
If this is the case then you are right it is a bug. |
[NAME] [NAME rule Admins] [NAME rule Sponsors] [NAME rule Supervisors] |
I'm pretty sure it always behaved that way and we put administration/authentication rules to handle cases like these. The one you gave where you have two big groups with a partial union for two different actions isn't covered in the way it works (at least I believe) That needs to be added as I agree that at least for administration rules that makes perfect sense that it behaves that way |
Can you also check in your logs to make sure there was not an error that might caused the problem. |
Authentication sources works on a first hit match. Same for the rules in the source.
We should not match a rule in an authentication if we look for a specific action and that this specific action is not part of the rule.
ie.
Need to add the ability of specifying the action we are looking for when trying to match and do not match a rule not containing that action.
The text was updated successfully, but these errors were encountered: