View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0022567 | mantisbt | authentication | public | 2017-03-22 10:57 | 2017-04-01 00:13 |
Reporter | Falmer | Assigned To | dregad | ||
Priority | normal | Severity | major | Reproducibility | have not tried |
Status | closed | Resolution | no change required | ||
Product Version | 2.2.1 | ||||
Summary | 0022567: Signup of new user | ||||
Description | Hello, I have set the config option $g_allow_signup = OFF; but new users, that are authenticated against our LDAP-server get a new reporter account. Regards | ||||
Tags | No tags attached. | ||||
This works as designed. LDAP authentication uses an "auto create" mechanism following a successful login, because Mantis requires that a user account exists. It is up to you to define the LDAP query in such a way, that only users authorized to login to Mantis are authenticated. You then need to manually set the user's access level as appropriate in the management page. We currently do not have a mechanism to automatically authorizations, e.g. based on an LDAP group. The _allowsignup option disables the possibility to sign up manually from the login page, or to change the password, making sure that the LDAP directory is the single source for authentication. Hope this clarifies. |
|