Snippets Groups Projects

Verified Commit 42f5708d authored 3 years ago by Nik | Klampfradler

Allow using local Django accounts and LDAP accounts at the same time

This fixes #470, where local Django accoutns were generally locked if
LDAP accoutns were used together with password handling to protect
against deleted/locked LDAP users being able to still login using a
shadow copy of their account in the Django database.

The fix introduces user account attributes, and the LDAP
authentication code keeps a record of users who used to authenticate
with LDAP in the past. If a suer is known to have been using LDAP in
the past, they are denied if they cannot be authenticated in the
future; if a user tries to authenticate who has not used LDAP in the
past, they are allowed in.

parent 452c17e6

No related branches found

Tags 2.1.dev0

1 merge request!847Resolve "Login with local Django accounts and LDAP password changes are mutually exclusive"

Hide whitespace changes

Inline Side-by-side

Showing with 88 additions and 3 deletions

Nik | Klampfradler @nik
mentioned in commit cea48e7b
· 3 years ago

mentioned in commit cea48e7b

mentioned in commit cea48e7bb9f4e3b8d49a67176071234cb2af854c

Toggle commit list

Please register or to comment