Bug #88037
closed
Frontend login ignores defined storage pid
Added by Bernhard Eckl about 5 years ago.
Updated over 4 years ago.
Description
I have a login form where only users should be able to login which are stored in a certain folder. I have defined storage pid (via typoscript setup, constants and content element settings), but users in another folder are still able log in.
Edit:
I’m not sure, but I think it could be a problem of ig_ldap_sso_auth extension and not the core. As a workaround in my case I have set lockToDomain in the user accounts.
- Description updated (diff)
- Status changed from New to Needs Feedback
@Bernhard Eckl is this still reproducible? i tried to reproduce it on 9.5.9 with the following test:
Setup¶
- Create a "Users 1" Sysfolder
- Create in it a "users1" fe usergroup
- Create in it a "user1" fe user with assigned group "users1"
- Create a "Users 2" Sysfolder
- Create in it a "users2" fe usergroup
- Create in it a "user2" fe user with assigned group "users2"
- on the Home page (or another page) create a felogin content element
- Edit it and assign to it (User Storage Page) the "Users 1" sysfolder
Test¶
- Navigate to the page with the login form
- Try to enter with the "user1" user --> result: login is successful
- Try to enter with the "user2" user --> result: login failed
so I think it is not reproducible.
Note:¶
I also tried with both setting the constant styles.content.loginform.pid and setting the TS Setup plugin.tx_felogin_pi1.storagePid as the ID of "Users 1" Sysfolder, but the results are the same.
Is there something I missed? Thank you for your reply.
- Status changed from Needs Feedback to Closed
No feedback since the last 90 days > closing it.
If you think that this is the wrong decision or experience the issue again please reopen it or ping me.
Thank you.
Also available in: Atom
PDF
Updated by 
Updated by