mahara-contributors team mailing list archive

[Simon Story <simon.story@xxxxxxxxxxxxxxx>]

The problem is the configuration ends up in two different states,
depending on the order you do things in.

This is pretty minor, the docs do warn that you registerallowed needs to
be 0 once you set usersuniquebyusername = 1.

People attempting to add SAML (And probably XMLRPC) authentication to an
existing Mahara installation with multiple institutions configured will
be frustrated because automatic user creation will not work for the via
SAML. You shouldn't have to poke the database to make auto-creation work
on an existing installation.

Do the following on a fresh installation:
Create a new institution
Set config item usersuniquebyusername = 1
Add and configure the SAML authentication plugin, enable auto-creation of users.
Attempt to login with with a new user that should autocreate, this will fail.
Configure the default institution to use SAML OR edit the database and set registerallowed = 0 on the default institution (You can't do this via the web interface because the option is hidden because you set usersuniquebyusername = 1)
SAML users can now autocreate.

Do the following on a fresh installation:
For the default institution, add and configure the SAML authentication plugin, enable auto-creation of users.
Set config item usersuniquebyusername = 1
Create a new institution
Add and configure the SAML authentication plugin
Attempt to login with with a new SAML user that should auto-create, this will succeed. 
You can de-configure the SAML plugin on the default institution now and auto-creation some SAML users will still work.

A possible solution is that when the SAML plugin is set to auto-create
users it (After warning the user) disables registration for all other
configured institutions.

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1003980

Title:
  Authentication plugin user autocreation can become impossible

Status in Mahara ePortfolio:
  New

Bug description:
  It is possible to put yourself in a situation where users having users
  auto-created by an authentication plugin is impossible.

  By design, for auto-creation to happen, all institutions must be
  registerallowed = 0 .

  By design, when an authentication plugin is added to an institution,
  registerallowed is set to 0. But it is not set for all institutions,
  if multiple exist.

  Once an authentication plugin is added to an institution, via the web
  interface the control to toggle registerallowed for an institution is
  hidden.

  To reproduce from a fresh installation of Mahara:
  Create an institution
  Set config item usersuniquebyusername = 1
  Add and configure an authentication plugin
  Attempt to login with with a new user that should autocreate, which will fail because the 'mahara' institution will still have registerallowed = 1

  To workaround:
  Connect to the database and set registerallowed = 0 for all institutions, eg 'UPDATE institution set registerallowed = 0 ;'.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1003980/+subscriptions