Frontend login ignores defined storage pid
I have a login form where only users should be able to login which are stored in a certain folder. I have defined storage pid (via typoscript setup, constants and content element settings), but users in another folder are still able log in.
I’m not sure, but I think it could be a problem of ig_ldap_sso_auth extension and not the core. As a workaround in my case I have set lockToDomain in the user accounts.
#5 Updated by Riccardo De Contardi 26 days ago
- Status changed from New to Needs Feedback
@Bernhard Eckl is this still reproducible? i tried to reproduce it on 9.5.9 with the following test:
- Create a "Users 1" Sysfolder
- Create in it a "users1" fe usergroup
- Create in it a "user1" fe user with assigned group "users1"
- Create a "Users 2" Sysfolder
- Create in it a "users2" fe usergroup
- Create in it a "user2" fe user with assigned group "users2"
- on the Home page (or another page) create a felogin content element
- Edit it and assign to it (User Storage Page) the "Users 1" sysfolder
- Navigate to the page with the login form
- Try to enter with the "user1" user --> result: login is successful
- Try to enter with the "user2" user --> result: login failed
so I think it is not reproducible.
I also tried with both setting the constant
styles.content.loginform.pid and setting the TS Setup
plugin.tx_felogin_pi1.storagePid as the ID of "Users 1" Sysfolder, but the results are the same.
Is there something I missed? Thank you for your reply.