Bug 1343517 - When using external auth and removing a user from all groups the user's groups are not updated and he is still able to log-in to CFME Web-UI
Summary: When using external auth and removing a user from all groups the user's group...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Appliance
Version: 5.4.0
Hardware: All
OS: Linux
high
high
Target Milestone: GA
: 5.6.2
Assignee: Joe Vlcek
QA Contact: amogh
URL:
Whiteboard: ldap
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-06-07 12:04 UTC by John Prause
Modified: 2022-07-09 07:51 UTC (History)
8 users (show)

Fixed In Version: 5.6.2.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1342082
Environment:
Last Closed: 2016-10-04 14:26:42 UTC
Category: ---
Cloudforms Team: Unknown
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:1996 0 normal SHIPPED_LIVE Important: CFME 4.1 bug fixes and enhancement update 2016-10-04 18:26:13 UTC

Comment 2 Joe Vlcek 2016-06-27 14:36:16 UTC
I am closing this as NOTABUG. The code works as designed and the desired functionality is obtained by:

If you no longer want an IPA user to be able to log into CMFE
the best thing to do would be to log into the IPA server and reconfigure
the user so they no longer belong to the groups configured on CFME.

Please reopen with more information if you feel this is still an issue.

Comment 3 Joe Vlcek 2016-08-19 13:46:37 UTC
Reopening: After researching more I have discovered this is an issue on 5.6.z

Comment 4 Joe Vlcek 2016-08-24 22:13:10 UTC
$ git cherry-pick -x -m 1  426e642     
[darga bab3149] Merge pull request #10634 from jvlcek/bz_1342082_ext_auth_groups
 Author: Gregg Tanzillo <gtanzill>
 Date: Wed Aug 24 11:43:15 2016 -0400
 2 files changed, 25 insertions(+), 1 deletion(-)

$ git log
commit bab3149e524e31922ef355acb80219572bc00b77
Author: Gregg Tanzillo <gtanzill>
Date:   Wed Aug 24 11:43:15 2016 -0400

    Merge pull request #10634 from jvlcek/bz_1342082_ext_auth_groups

    Update the user when there are no matching groups
    (cherry picked from commit 426e6420e94cb050311ea99992db43dd490992d8)

Comment 5 Satoe Imaishi 2016-08-25 12:55:14 UTC
PR: https://github.com/ManageIQ/manageiq/pull/10634

Comment 6 amogh 2016-10-02 04:39:24 UTC
Verified in 5.6.2.1.20160922130607_92d5b5e. Issue is not reproducible.

When users group is deleted, user login to CFME fails with expected Error message "Login not allowed, User's User is missing. Please contact the administrator"

Comment 8 errata-xmlrpc 2016-10-04 14:26:42 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-1996.html


Note You need to log in before you can comment on or make changes to this bug.