Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.

Changes between Version 3 and Version 4 of Ticket #6248


Ignore:
Timestamp:
08/03/11 10:12:37 (13 years ago)
Author:
jmoore
Comment:

Output when logging in with mismatched DNs:

~/git/dist $ bin/omero login foo@localhost
Password:
Internal error. Please contact your administrator:
DNs don't match: '' and 'cn=foo,o=example'
Password:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #6248 – Description

    v3 v4  
    22If a user is removed from the LDAP security group used to create their OMERO account, they can still log in: 
    33 
    4 https://www.openmicroscopy.org/community/viewtopic.php?f=4&t=748 
     4  https://www.openmicroscopy.org/community/viewtopic.php?f=4&t=748 
     5 
     6The user_filter property should (optionally?) be applied on every login. 
     7 
     8Note: In discussions with Ola, there are at least two issues that this solution will not cover: 
     9 1. since the original DN is stored in OMERO, there is the possibility that it will become out of sync, e.g. if the user changes his/her OMERO username. The current plan will be to signal an `InternalException` to the user. 
     10 2. this will only work for LDAP configurations in which group membership is a property on the user so that it can be filtered via `omero.ldap.user_filter`. In cases where group membership is a property of the groups, then we will need to rework how `group_filter` and `new_user_group` interact. 

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.16041 sec.)

We're Hiring!