[CWD-1868] Provide option to disallow auto creation of users in the Delegated Authentication Directory (mimic OSUser LDAP behaviour)

Type: Suggestion
Resolution: Fixed
Fix Version/s: 2.1
Component/s: Directory - Internal/Delegated
Labels:
None

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

OSUser's LDAP integration (ie. JIRA's current LDAP integration) offers delegated authentication to LDAP and does not automatically create the user in locally on successful auth.

The current Crowd Delegated Authentication Directory does perform the auto create on successful auth.

We could provide a flag to option to disable auto creation of users upon successful auth - this makes migration from JIRA's user management system easier as JIRA's LDAP config does not store the necessary data (such as user attribute mapping, eg. firstname, lastname, email, etc) to generate the user object for auto-creation.

If auto-create is disabled, then authentication should fail immediately if the user with the supplied username does not exist locally.

Helen Hung (Inactive) added a comment - 05/Mar/2013 11:53 PM

Hi william.juteau@europe.adp.com, thanks for your comment, however at this moment in time, we will not be changing the documentation to include this database customisation since it is not standard configurable behaviour recommended in Crowd.

Helen Hung (Inactive) added a comment - 05/Mar/2013 11:53 PM Hi william.juteau@europe.adp.com , thanks for your comment, however at this moment in time, we will not be changing the documentation to include this database customisation since it is not standard configurable behaviour recommended in Crowd.

William JUTEAU added a comment - 25/Feb/2013 3:36 PM

Plsea write down somewhere in the admin guide that this parameter is still only editable directly through database

Thanks !

William JUTEAU added a comment - 25/Feb/2013 3:36 PM Plsea write down somewhere in the admin guide that this parameter is still only editable directly through database Thanks !

shihab added a comment - 12/Nov/2010 4:25 AM

Implemented. Directory attribute crowd.delegated.directory.auto.create.user controls behaviour.

shihab added a comment - 12/Nov/2010 4:25 AM Implemented. Directory attribute crowd.delegated.directory.auto.create.user controls behaviour.

Assignee:: shihab

Reporter:: shihab

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 12/Apr/2010 1:45 AM

Updated:: 19/Sep/2019 5:50 AM

Resolved:: 12/Nov/2010 4:25 AM

Details

Description

Attachments

Forms

Activity

Collapse comment: Helen Hung (Inactive) added a comment - 05/Mar/2013 11:53 PM

Expand comment: Helen Hung (Inactive) added a comment - 05/Mar/2013 11:53 PM

Collapse comment: William JUTEAU added a comment - 25/Feb/2013 3:36 PM

Expand comment: William JUTEAU added a comment - 25/Feb/2013 3:36 PM

Collapse comment: shihab added a comment - 12/Nov/2010 4:25 AM

Expand comment: shihab added a comment - 12/Nov/2010 4:25 AM

People

Dates