Details
-
Bug
-
Resolution: Not a bug
-
High
-
None
-
5.6.3
-
None
Description
Steps to Reproduce
- Create a delegated directory, hooked to Active Directory
- Login with an AD user, with the "Remember Me" option checked
- Close the browser completely
- Disable the user in AD (by checking the "Account is disabled" option in User Properties >> Account >> Account Options )
- Launch the browser again, and navigate to Confluence. Notice that you are still logged in as the disabled user.
- The SUCCESSDATE in the logininfo table for this user is updated to the time when step #5 is executed
In a delegated directory, the user will only be locked out from Confluence once the user logs out, and log back in
In a connector directory, a directory sync will automatically lock the user out from Confluence
Attachments
Issue Links
- Discovered while testing
-
CSP-139150 Loading...