Bug: ShibbAuth cannot log in with 'DefaultRole' => false
#9698
Labels
needs triage
This issue has been automatically labelled and needs further triage
Actual behavior
https://github.com/MISP/MISP/tree/2.4/app/Plugin/ShibbAuth#misp-plugin-configuration says to set
DefaultRole
tofalse
to not set a default role and reject logins from users not in a valid role, however, this tries to set the user's role to an empty string, which blocks use creation and log on.This can be worked around by omitting
DefaultRole
fromconfig.php
.Expected behavior
Setting
DefaultRole
tofalse
should behave the same as omitting the option.I think https://github.com/MISP/MISP/blob/536bbb9d92073b2653b781c213f89da33bcb61bf/app/Plugin/ShibbAuth/Controller/Component/Auth/ApacheShibbAuthenticate.php#L122C9-L123C28 needs an additional condition to check the value isn't a boolean
false
.Steps to reproduce
DefaultRole
set tofalse
(issue occurs),DefaultRole
set to1
(login succeeds and regardless of role in SAML user is an admin),DefaultRole
omitted (login succeeds and user has their SAML/Shibboleth assigned role),Version
2.4.189
Operating System
Docker Container
Operating System version
php:7.4-apache
PHP version
7.4
Browser
No response
Browser version
No response
Relevant log output
Extra attachments
No response
Code of Conduct
The text was updated successfully, but these errors were encountered: