Bug #21292
open
Users authenticated via external sources (Kerberos) contain no default context/location
Description
Upon login using an 'external' user (IdM, via REMOTE_USER). The user cannot do anything. I've even attempted to specify an external group, but there is no context/location settings in the external group settings.
I was expecting it to be fixed but it wasn't. My current workaround is to use a foreman hook on user/after_create to modify taxable_taxonomies table.
foreman=# select id,login,auth_source_id from users where id = 38;
id | login | auth_source_id
----+--------------------+----------------
38 | satellite-new-user | 3
(1 row)
foreman=# select id,type,name from auth_sources where id =3;
id | type | name
----+--------------------+----------
3 | AuthSourceExternal | External
(1 row)
foreman=# select * from taxable_taxonomies where taxable_id = 38 and taxable_type = 'User';
id | taxonomy_id | taxable_id | taxable_type | created_at | updated_at
----+-------------+------------+--------------+------------+------------
(0 rows)
Expected results:
Organization/location are assigned on creation.
foreman=# select id,taxonomy_id,taxable_id,taxable_type from taxable_taxonomies where taxable_id = 38 and taxable_type = 'User';
id | taxonomy_id | taxable_id | taxable_type
-----+-------------+------------+--------------
894 | 1 | 38 | User
895 | 2 | 38 | User
(2 rows)
Updated by Tomer Brisker over 5 years ago
- Related to Bug #26312: [keycloak-UI] Could not specify default organization/location for users that come from keycloak added