mahara-contributors team mailing list archive

Thread
Date

[Bug 904620] [NEW] Internal auth instance cannot be disabled

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: François Marier <francois@xxxxxxxxxx>
Date: Thu, 15 Dec 2011 08:36:12 -0000
Reply-to: Bug 904620 <904620@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

When another authentication instance is used on a site (e.g. saml, ldap,
etc.), it would be nice to be able to disable Internal auth (the
standard password-based one) and not show the login form at all.

However, it's not possible because the Internal auth instance is used
for two things:

- as the auth instance for the fake "root" account
- as the auth instance for deleted user accounts

Perhaps we could solve this by making the authinstance column of the usr
table nullable and using a null value for the above two cases. However
null values can be tricky and this could lead to more problems.

Alternatively, we could create a new auth type of "Denied" which would
be the exact opposite of the "None" institution: it would never let
users with that authinstance login no matter what.

** Affects: mahara
     Importance: Low
         Status: Triaged


** Tags: auth

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/904620

Title:
  Internal auth instance cannot be disabled

Status in Mahara ePortfolio:
  Triaged

Bug description:
  When another authentication instance is used on a site (e.g. saml,
  ldap, etc.), it would be nice to be able to disable Internal auth (the
  standard password-based one) and not show the login form at all.

  However, it's not possible because the Internal auth instance is used
  for two things:

  - as the auth instance for the fake "root" account
  - as the auth instance for deleted user accounts

  Perhaps we could solve this by making the authinstance column of the
  usr table nullable and using a null value for the above two cases.
  However null values can be tricky and this could lead to more
  problems.

  Alternatively, we could create a new auth type of "Denied" which would
  be the exact opposite of the "None" institution: it would never let
  users with that authinstance login no matter what.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/904620/+subscriptions

Follow ups

[Bug 904620] A change has been merged
From: Mahara Bot, 2012-01-09
[Bug 904620] [NEW] Internal auth instance cannot be disabled
From: François Marier, 2011-12-15

References

[Bug 904620] [NEW] Internal auth instance cannot be disabled
From: François Marier, 2011-12-15