Snippets Groups Projects

Verified Commit 534e3ec1 authored 3 years ago by Nik | Klampfradler

Allow using local Django accounts and LDAP accounts at the same time

This fixes #470, where local Django accoutns were generally locked if
LDAP accoutns were used together with password handling to protect
against deleted/locked LDAP users being able to still login using a
shadow copy of their account in the Django database.

The fix introduces user account attributes, and the LDAP
authentication code keeps a record of users who used to authenticate
with LDAP in the past. If a suer is known to have been using LDAP in
the past, they are denied if they cannot be authenticated in the
future; if a user tries to authenticate who has not used LDAP in the
past, they are allowed in.

parent 452c17e6

No related branches found

No related tags found

No related merge requests found

Hide whitespace changes

Inline Side-by-side

Showing with 89 additions and 3 deletions

Nik | Klampfradler @nik
mentioned in commit 2bccd426
· 3 years ago

mentioned in commit 2bccd426

mentioned in commit 2bccd426f936cf717099eb2dec62eac906af70d0

Toggle commit list

Please register or to comment