Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dex should not allow logins with empty groups assigned to the user #3608

Open
3 tasks done
Marcel2603 opened this issue Jul 8, 2024 · 1 comment
Open
3 tasks done

Dex should not allow logins with empty groups assigned to the user #3608

Marcel2603 opened this issue Jul 8, 2024 · 1 comment

Comments

@Marcel2603
Copy link

Preflight Checklist

  • I agree to follow the Code of Conduct that this project adheres to.
  • I have searched the issue tracker for an issue that matches the one I want to file, without success.
  • I am not looking for support or already pursued the available support channels without success.

Version

2.39.1

Storage Type

Kubernetes

Installation Type

Official Helm chart

Expected Behavior

If a user logs in via ldap, dex will verify the user and if the user don't has any group attached, he will be getting an 403.

Actual Behavior

The user can sucessfully login and has no groups in the system.

Steps To Reproduce

  1. Configure Dex with Ldap
  2. Login with a User who matches the Userfilter but has noch Group inside the Groupfilter
  3. Login will be successful

Additional Information

No response

Configuration

No response

Logs

No response
@nabokihms
Copy link
Member

@Marcel2603 hello! Is this a degradation after an upgrade? I believe it always works as you described in the actual behavior.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nabokihms @Marcel2603