Project

General

Profile

Actions

Bug #24230

closed

User management - Bug #24219: Display user detail using information from database

Authentication providers and role mapping settings should be exposed

Added by Clark ANDRIANASOLO 9 months ago. Updated 9 months ago.

Status:
Released
Priority:
N/A
Category:
API
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Small
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

Currently, enabling providers and allowing to override their role is done in the auth-backends plugin :
  • for ldap, we parse the rudder.auth.provider configuration property for an ldap attribute, if found we always map its roles using the users XML file
  • for oauth2 and oidc, we parse the rudder.auth.provider configuration property for the respective attributes, if found we can :
    1. take the users XML file into account to add roles to provided users (default behavior)
    2. enable role provisioning along user provisioning from the configuration value : rudder.auth.oauth2.provider.{registration}.roles.enable=true
    3. disallow extending user roles from the users XML file by providing a configuration value : rudder.auth.oauth2.provider.{registration}.roles.override=true, where registration is priorly defined with a configuration property : rudder.auth.oauth2.registrations
We should have an easier way than reading the configuration again to know all declared providers in Rudder with properties that would be used across plugins (e.g. user-management) :
  • what is the provider internal id ?
  • is user role provisioning enabled by the provider ?
  • if roles can be provisioned, does the provider extend roles or strictly override them ?

Related issues 2 (0 open2 closed)

Related to Authentication backends - User story #22738: OIDC provided custom role listReleasedVincent MEMBRÉActions
Related to Authentication backends - Bug #23254: User management plugin incorrectly understands OIDC rolesReleasedVincent MEMBRÉActions
Actions

Also available in: Atom PDF