Complain if there is an auth session but no remote user

clarin-eric / component-registry-rest

Component Registry back end

GNU General Public License v3.0

2 stars 1 forks source link

Complain if there is an auth session but no remote user #43

Open twagoo opened 5 years ago

twagoo commented 5 years ago

We recently had a case where a user logged in via their IdP, which worked except that the required identifying attributes (i.e. EPPN) were not released. Therefore the user was returned to the component registry in effectively unauthenticated state without any error. It would be nice to detect such case (i.e. there being a session but no remote user) and notify the user about this.

dietervu commented 5 years ago

In this specific case, as far as I can see, EPTID was released. I thought that should be sufficient as an identifying attribute?

twagoo commented 5 years ago

In this specific case, as far as I can see, EPTID was released. I thought that should be sufficient as an identifying attribute?

It should be. There is a possibility that something went wrong with attribute translation, I believe this has happened before. Maybe @andmor- or @WillemElbers will be able to say something more about this...