Project

General

Profile

Bug #21292

Users authenticated via external sources (Kerberos) contain no default context/location

Added by Daniel Lobato Garcia about 3 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

Upon login using an 'external' user (IdM, via REMOTE_USER). The user cannot do anything. I've even attempted to specify an external group, but there is no context/location settings in the external group settings.

I was expecting it to be fixed but it wasn't. My current workaround is to use a foreman hook on user/after_create to modify taxable_taxonomies table.

foreman=# select id,login,auth_source_id from users where id = 38;
id | login | auth_source_id
----+--------------------+----------------
38 | satellite-new-user | 3
(1 row)
foreman=# select id,type,name from auth_sources where id =3;
id | type | name
----+--------------------+----------
3 | AuthSourceExternal | External
(1 row)

foreman=# select * from taxable_taxonomies where taxable_id = 38 and taxable_type = 'User';
id | taxonomy_id | taxable_id | taxable_type | created_at | updated_at
----+-------------+------------+--------------+------------+------------
(0 rows)

Expected results:
Organization/location are assigned on creation.

foreman=# select id,taxonomy_id,taxable_id,taxable_type from taxable_taxonomies where taxable_id = 38 and taxable_type = 'User';
id | taxonomy_id | taxable_id | taxable_type
-----+-------------+------------+--------------
894 | 1 | 38 | User
895 | 2 | 38 | User
(2 rows)


Related issues

Related to Foreman - Bug #26312: [keycloak-UI] Could not specify default organization/location for users that come from keycloakClosed

History

#1 Updated by Tomer Brisker about 1 year ago

  • Related to Bug #26312: [keycloak-UI] Could not specify default organization/location for users that come from keycloak added

Also available in: Atom PDF