Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

default_acr_values is not used in authentication process #383

Closed
worm333 opened this issue Dec 7, 2016 · 0 comments
Closed

default_acr_values is not used in authentication process #383

worm333 opened this issue Dec 7, 2016 · 0 comments
Assignees
@worm333
Labels
bug bug in code
Milestone
CE 3.0.0

Comments

@worm333
Copy link
Contributor

worm333 commented Dec 7, 2016

Description of this bug is posted here.

Steps to reproduce:

  1. create new custom authentication script with name custom_script in Configuration -> Manage Custom Script
  2. copy entire Script field from basic configuration and modify:
def authenticate(self, configurationAttributes, requestParameters, step)

method to always return False.

  1. register new client and set default_acr_values to custom_script
  2. authenticate to newly created client.
  3. As a result you will be authenticated successfully, despite the fact that authenticate method from custom_script returns False.
@worm333 worm333 added the bug bug in code label Dec 7, 2016
@worm333 worm333 self-assigned this Dec 13, 2016
@worm333 worm333 added this to the CE 3.0.0 milestone Dec 13, 2016
@worm333 worm333 mentioned this issue Dec 18, 2016
Merged
@worm333 worm333 closed this as completed Dec 19, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@worm333 worm333

Labels
bug bug in code
Projects
None yet
Milestone
CE 3.0.0
Development

No branches or pull requests
1 participant
@worm333