Properly load roles for external backend user#5463
Closed
sukhwinder33445 wants to merge 1 commit intomainfrom
Closed
Properly load roles for external backend user#5463sukhwinder33445 wants to merge 1 commit intomainfrom
sukhwinder33445 wants to merge 1 commit intomainfrom
Conversation
sukhwinder33445
changed the title
sukhwinder33445
force-pushed
the
fix/properly-load-roles-for-external-backend
branch
2 times, most recently
from
0803061 to
8034c84
Compare
sukhwinder33445
force-pushed
the
fix/properly-load-roles-for-external-backend
branch
from
8034c84 to
6848ee3
Compare
Member
|
Sounds like #5387 solves the linked issue as well. |
Contributor
Author
|
Yes, #5387 solves this issue. |
sukhwinder33445
deleted the
fix/properly-load-roles-for-external-backend
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
fixes #5464
Bootstrap: Module Loading and Authentication Order:
First,
bootstrap->loadEnabledModules()is executed. Then the authentication configuration (authentication.ini) is loaded and initialized viabootstrap->setupUserBackendFactory(). Only after these steps, the login form is evaluated, and the user is authenticated.The problem is caused by the call to
IcingadbSupport::useIcingaDbAsBackend()in the modules’ run.php file.When
bootstrap->loadEnabledModules()loads a module, itsrun.phpfile is executed immediately. The call toIcingadbSupport::useIcingaDbAsBackend()triggers the following call chain:hasPermission() -> isAuthenticated() -> authExternal().Normally, modules are loaded without an authenticated user because this call chain returns false. However, when an external user logs in,
authExternal()marks the user as authenticated by callingsetAuthenticated().At this point,
UserBackend::$backendsis not yet initialized. Because of this, user groups and roles cannot be loaded.Icinga Web 2 shows the following error: