[BSERV-8685] "Internal with DELEGATED authentication" config - SSH Keys grant access to repos although the user is deleted - Create and track feature requests for Atlassian products.

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Low
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 4.10.0
Component/s: Authentication, Crowd, Security - Other, SSH
Labels:

Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Setup

User management configuration:
Internal with delegated LDAP --> DirectoryA
Copy users on login: checked

Steps to reproduce

1) User A which password lives in DirectoryA, upload an SSH key to her profile.
2) User A gets Write Repo permissions in RepoA
3) User A account is deleted from DirectoryA
4) UserA is able to push through ssh

Attachments

Issue Links

causes

BSERV-9458 auth.remote.cache.ttl & auth.remote.cache.cacheSize parameters cannot be changed

Closed

BSERV-11647 Heavy SSH load can result in active check backlogs

Gathering Impact

relates to

BSERV-7148 Expired user in Active Directory do not stop user from cloning via SSH

Closed

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(4 mentioned in)

Activity

People

Assignee:: Paul Thompson (Inactive)

Reporter:: Adam Ahmed (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 12 Start watching this issue

Dates

Due:: 06/Jul/2016

Created:: 10/May/2016 3:54 AM

Updated:: 15/Mar/2019 2:16 AM

Resolved:: 22/Sep/2016 1:18 AM