Skip to content

Commit

Permalink
feat: Add the possibitily to not authorize the login against the exte…
Browse files Browse the repository at this point in the history
…rnal store - EXO-68030 - Meeds-io/meeds#1417 (#91)

In some case, when the platform is configured with an external user store AND SSO like OIDC, the IDP have security rules for the login like MFA.
But, as the user is present in the external store, he can logs with the eXo login form, bypassing security rules
This commit add a property to refused the connection for a user in the external store by the exo login form.
He have to use the IDP login form
  • Loading branch information
rdenarie committed Dec 8, 2023
1 parent 2aab923 commit 2f5ba82
Showing 1 changed file with 2 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ public interface IDMExternalStoreService {

public static final String USER_PROFILE_ADDED_FROM_EXTERNAL_STORE = "exo.idm.externalStore.user.profile.new";

public static final String AUTHORIZE_LOGIN_PARAM = "exo.idm.externalStore.authorizelogin";

/**
* Authenticates user using external store only
*
Expand Down

0 comments on commit 2f5ba82

Please sign in to comment.