Defect #2594: Authentication: Disabled identity is not checked by sso and target system authentication (disabled identity can log in over sso or target system). - IdStory Identity Manager

Actions

Copy link

Defect #2594

closed

Authentication: Disabled identity is not checked by sso and target system authentication (disabled identity can log in over sso or target system).

Added by Radek Tomiška about 4 years ago. Updated about 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Radek Tomiška

Category:

Authentication / Authorization

Target version:

10.7.0

Start date:

11/30/2020

Due date:

% Done:

100%

Estimated time:

Affected versions:

10.5.0, 10.6.0

Owner:

Description

Disabled identity is not checked in sso authentication filters (SsoIdmAuthenticationFilter) and target system authentication filters (DefaultAccAuthenticator, DefaultAccMultipleSystemAuthenticator) => valid token is created for disabled identity and identity is successfully authenticated.
Fix mentioned filters to not authenticate invalid identity.

Issue is connected to #2413, where invalid identity was checked even if token is valid (as "duplicate" check).

Related issues

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

IdStory Identity Manager

Custom queries

Defect #2594

Authentication: Disabled identity is not checked by sso and target system authentication (disabled identity can log in over sso or target system).

Updated by Radek Tomiška about 4 years ago

Updated by Radek Tomiška about 4 years ago

Updated by Radek Tomiška about 4 years ago

Updated by Vít Švanda about 4 years ago

Updated by Radek Tomiška about 4 years ago