[RADIATOR] Blacklist issue

Patrik Forsberg patrik.forsberg at globalconnect.se
Tue Aug 22 13:03:18 UTC 2023 

Hey 😊

So, if I understand this correctly, I can combine “NoDefault” with “Blacklist” ?
If so.. will it block the user if “DEFAULT” is under evaluation ?

The function of “Default” will never be of use for me anyway so if I can simply disable this functionality and then be able to check for the username DEFAULT instead that is perfect..

---
Best Regards,
Patrik

From: Hugh Irvine <hugh at radiatorsoftware.com>
Sent: Tuesday, August 22, 2023 12:33 PM
To: Patrik Forsberg <patrik.forsberg at globalconnect.se>; radiator at lists.open.com.au
Subject: Re: [RADIATOR] Blacklist issue




Hey Patrik -

Very good to hear from old friends!

As it happens, this is very much by design.

Radiator has a "special" user called DEFAULT as described in the manual:



3.32.13. NoDefault

Normally if Radiator searches for a user in the database and either does not find one, or finds one but the users check items fail, Radiator will then consult the DEFAULT user entry. However, if the NoDefault parameter is set, Radiator will never look for a DEFAULT.



3.32.14. NoDefaultIfFound

Normally if Radiator searches for a user in the database and finds one, but the users check items fail, Radiator will then consult the DEFAULT user entry. However, if the NoDefaultIfFound parameter is set, Radiator will only look for a DEFAULT if there were no entries found in the user database for the user.



My suggestion is don't use it as you are trying to do.

cheers from Oz

Hugh


On 22/8/2023 17:38, Patrik Forsberg via radiator wrote:
Hello,
I’m using the ”blacklist” knob in an authby to reject people I don’t like 😝
I had an issue this weekend where the user “DEFAULT” was added to the list of users, for some reason, and after that no one could login anymore.
After deleting this user all went back to normal again ..

Question.. is this a by design feature or bug/flaw ?
Seems a bit odd that I can’t reject a user by the name “DEFAULT” in a blacklist 😊

The AuthBy is an AuthBy SQL so the list of users is in an mariadb table.
The authby looks like this  (username/password and so forth replaced)
“
<AuthBy SQL>
    Identifier              AuthenticateSQLBlacklist

    DBSource                dbi:MariaDB:database=db;host=host;port=3306
    DBUsername              dbuser
    DBAuth                  dbauth

    UsernameMatchesWithoutRealm

    AuthSelect              SELECT NULL FROM `blacklist` WHERE BINARY `username` = ?
    AuthSelectParam         %0

    AuthColumnDef 0, User-Password, check

    Blacklist
</AuthBy>
“

---
Best Regards,
Patrik




_______________________________________________

radiator mailing list

radiator at lists.open.com.au<mailto:radiator at lists.open.com.au>

https://lists.open.com.au/mailman/listinfo/radiator
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20230822/0d203913/attachment.html>

More information about the radiator mailing list