Opened 7 years ago
Closed 7 years ago
#789 closed wish (fixed)
Restrict external auth to memberof group
| Reported by: | jkenyon | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | 7.7.2 |
| Component: | LDAP / Active Directory | Version: | 7.6.4 |
| Keywords: | Cc: |
Description
On the fly authentication with external auth (e.g. Active Directory) allows for a users profile to be automatically imported if the user authenticates successfully.
In addition to a successful authentication, it would be great if this process could also check if the user is a member of a security group (e.g. "LogicalDOC Users") before creating a profile. This would make managing access from Active Directory much easier.
Change History (5)
comment:1 Changed 7 years ago by jkenyon
comment:2 Changed 7 years ago by car031
- Type changed from improvement to wish
comment:3 Changed 7 years ago by car031
- Milestone set to 7.7.2
ok.
do you want us to add a filter field?
You could write in the filter a comma-separated list of group the simple names like Group A, Group B
So a user is authenticated only if it belongs to one of those groups.
Do you also want us to put similar filter for the usernames ?
comment:4 Changed 7 years ago by jkenyon
Yes correct, a filter field so a user is only authenticated if it belongs to one of the groups specified.
Having a similar filter for usersnames allows for more flexible configuration, so if you can add this too it could be useful.
comment:5 Changed 7 years ago by car031
- Resolution set to fixed
- Status changed from new to closed
Basically we have ability to define a class, base and attribute for both User and Group. The ability to define a filter both user and group is whats required.