Complain if there is an auth session but no remote user #43
Assignees
Milestone
Comments
|
In this specific case, as far as I can see, EPTID was released. I thought that should be sufficient as an identifying attribute? |
It should be. There is a possibility that something went wrong with attribute translation, I believe this has happened before. Maybe @andmor- or @WillemElbers will be able to say something more about this... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We recently had a case where a user logged in via their IdP, which worked except that the required identifying attributes (i.e. EPPN) were not released. Therefore the user was returned to the component registry in effectively unauthenticated state without any error. It would be nice to detect such case (i.e. there being a session but no remote user) and notify the user about this.
The text was updated successfully, but these errors were encountered: