https://issues.rudder.io/https://issues.rudder.io/themes/rudder7/favicon/favicon.ico?17096450182016-03-18T10:58:41ZIssue TrackerRudder - Bug #8085: web interface login: able to log in with valid ldap account but no matching rudder-users.xml entryhttps://issues.rudder.io/issues/8085?journal_id=530612016-03-18T10:58:41ZJanos Mattyasovszky
<ul><li><strong>Found in version(s) old</strong> <i>2.11.19</i> added</li></ul> Rudder - Bug #8085: web interface login: able to log in with valid ldap account but no matching rudder-users.xml entryhttps://issues.rudder.io/issues/8085?journal_id=530732016-03-22T09:36:49ZFrançois ARMANDfrancois.armand@rudder.io
<ul></ul><p>That seems right. The cause is that we had a "anonymous" profile, but it makes little sense to FORCE to have it. So we should just either remove it completly, or make configurable the fact that user that are not in the authz file are getting anonymous rights or nothing at all.</p> Rudder - Bug #8085: web interface login: able to log in with valid ldap account but no matching rudder-users.xml entryhttps://issues.rudder.io/issues/8085?journal_id=533022016-03-29T13:20:43ZFrançois ARMANDfrancois.armand@rudder.io
<ul><li><strong>Target version</strong> set to <i>2.11.20</i></li></ul><p>Targetting 2.11 to have a consistent behaviour accross all Rudder versions, even if it wasn't a problem back then.</p> Rudder - Bug #8085: web interface login: able to log in with valid ldap account but no matching rudder-users.xml entryhttps://issues.rudder.io/issues/8085?journal_id=533032016-03-29T13:21:00ZFrançois ARMANDfrancois.armand@rudder.io
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>In progress</i></li><li><strong>Assignee</strong> changed from <i>Benoît PECCATTE</i> to <i>François ARMAND</i></li></ul> Rudder - Bug #8085: web interface login: able to log in with valid ldap account but no matching rudder-users.xml entryhttps://issues.rudder.io/issues/8085?journal_id=533122016-03-29T16:43:15ZFrançois ARMANDfrancois.armand@rudder.io
<ul><li><strong>Status</strong> changed from <i>In progress</i> to <i>Pending technical review</i></li><li><strong>Assignee</strong> changed from <i>François ARMAND</i> to <i>Nicolas CHARLES</i></li><li><strong>Pull Request</strong> set to <i>https://github.com/Normation/rudder/pull/1069</i></li></ul><p>PR <a class="external" href="https://github.com/Normation/rudder/pull/1069">https://github.com/Normation/rudder/pull/1069</a></p> Rudder - Bug #8085: web interface login: able to log in with valid ldap account but no matching rudder-users.xml entryhttps://issues.rudder.io/issues/8085?journal_id=533132016-03-29T16:47:13ZFrançois ARMANDfrancois.armand@rudder.io
<ul><li><strong>Status</strong> changed from <i>Pending technical review</i> to <i>Pending release</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Applied in changeset <a class="changeset" title="Fixes #8085: web interface login: able to log in with valid ldap account but no matching rudder-u..." href="https://issues.rudder.io/projects/rudder/repository/rudder/revisions/210f0fa484c107da9b12ee02a100eb0b8030bf93">rudder|210f0fa484c107da9b12ee02a100eb0b8030bf93</a>.</p> Rudder - Bug #8085: web interface login: able to log in with valid ldap account but no matching rudder-users.xml entryhttps://issues.rudder.io/issues/8085?journal_id=533412016-03-31T11:00:12ZFrançois ARMANDfrancois.armand@rudder.io
<ul><li><strong>Assignee</strong> changed from <i>Nicolas CHARLES</i> to <i>François ARMAND</i></li><li><strong>% Done</strong> changed from <i>100</i> to <i>0</i></li></ul><p>The final solution is to let the user access Rudder but don't let see anything if no authorization are defined at all (and so, if it was not in the file). Other solution would have had a much bigger impact, and so were more risky.</p> Rudder - Bug #8085: web interface login: able to log in with valid ldap account but no matching rudder-users.xml entryhttps://issues.rudder.io/issues/8085?journal_id=541162016-04-18T22:11:11ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Status</strong> changed from <i>Pending release</i> to <i>Released</i></li></ul><p>This bug has been fixed in Rudder 2.11.20, 3.0.15, 3.1.9 and 3.2.2 which were released today. </p>
<ul>
<li>2.11: <a href="http://www.rudder-project.org/pipermail/rudder-announce/2016-April/000188.html" class="external">Announce</a> <a href="http://www.rudder-project.org/foswiki/bin/view/System/Documentation:ChangeLog211" class="external">Changelog</a></li>
<li>3.0: <a href="http://www.rudder-project.org/pipermail/rudder-announce/2016-April/000187.html" class="external">Announce</a> <a href="http://www.rudder-project.org/foswiki/bin/view/System/Documentation:ChangeLog30" class="external">Changelog</a></li>
<li>3.1: <a href="http://www.rudder-project.org/pipermail/rudder-announce/2016-April/000186.html" class="external">Announce</a> <a href="http://www.rudder-project.org/foswiki/bin/view/System/Documentation:ChangeLog31" class="external">Changelog</a></li>
<li>3.2: <a href="http://www.rudder-project.org/pipermail/rudder-announce/2016-April/000185.html" class="external">Announce</a> <a href="http://www.rudder-project.org/foswiki/bin/view/System/Documentation:ChangeLog32" class="external">Changelog</a></li>
<li>Download: <a class="external" href="https://www.rudder-project.org/site/get-rudder/downloads/">https://www.rudder-project.org/site/get-rudder/downloads/</a></li>
</ul>