Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-34101

Bypass external authentication when user doesn't exist in Moodle yet and "account creation when authenticating" is disabled

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.2.3
    • Fix Version/s: 2.4
    • Component/s: Authentication
    • Labels:
      None
    • Testing Instructions:
      Hide

      1/ enable "prevent account creation" in general auth settings
      2/ verify error log after login with non-existent username - "Unknown user, can not create new accounts" expected
      3/ disable "prevent account creation" in general auth settings
      4 / verify error log after login with non-existent username - "Failed login" expected

      Show
      1/ enable "prevent account creation" in general auth settings 2/ verify error log after login with non-existent username - "Unknown user, can not create new accounts" expected 3/ disable "prevent account creation" in general auth settings 4 / verify error log after login with non-existent username - "Failed login" expected
    • Affected Branches:
      MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_24_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      w28_MDL-34101_m24_newaccountprev

      Description

      When using Moodle there is always an account created no matter what the authentication method when it is enabled.

      Currently we are using manual accounts and are working on setting up LDAP. We currently have "account creation when authenticating" disabled so that users cannot create accounts by authenticating through LDAP while we are setting up and testing. We have rolled out Active Directory logins in some other systems in which the students use. So they think they can come to Moodle and login.

      The issue is if a user doesn't have a manual account yet and tries to login with their Active Directory credentials(which are correct) and the LDAP setup is incorrect they get an LDAP bind error. Now since they don't have an account yet and account creation is disabled it shouldn't even try to authenticate with any external auth.

      I've made some changes to the lib/moodlelib.php that if the user doesn't exist and the "account creation when authenticating" is disabled then it doesn't even check for authentication.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  3/Dec/12