Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
- Timestamp:
-
08/03/11 10:12:37 (13 years ago)
- Author:
-
jmoore
- Comment:
-
Output when logging in with mismatched DNs:
~/git/dist $ bin/omero login foo@localhost
Password:
Internal error. Please contact your administrator:
DNs don't match: '' and 'cn=foo,o=example'
Password:
Legend:
- Unmodified
- Added
- Removed
- Modified
-
v3
|
v4
|
|
2 | 2 | If a user is removed from the LDAP security group used to create their OMERO account, they can still log in: |
3 | 3 | |
4 | | https://www.openmicroscopy.org/community/viewtopic.php?f=4&t=748 |
| 4 | https://www.openmicroscopy.org/community/viewtopic.php?f=4&t=748 |
| 5 | |
| 6 | The user_filter property should (optionally?) be applied on every login. |
| 7 | |
| 8 | Note: In discussions with Ola, there are at least two issues that this solution will not cover: |
| 9 | 1. since the original DN is stored in OMERO, there is the possibility that it will become out of sync, e.g. if the user changes his/her OMERO username. The current plan will be to signal an `InternalException` to the user. |
| 10 | 2. this will only work for LDAP configurations in which group membership is a property on the user so that it can be filtered via `omero.ldap.user_filter`. In cases where group membership is a property of the groups, then we will need to rework how `group_filter` and `new_user_group` interact. |
1.3.13-PRO © 2008-2011
Agilo Software all
rights reserved
(this page was served in: 0.16041 sec.)