[RADIATOR] Blacklist issue
Hugh Irvine
hugh at radiatorsoftware.com
Tue Aug 22 22:19:54 UTC 2023
Hi Patrik -
You should build a little test rig in the lab and make sure that this
will do what you expect.
cheers
Hugh
On 22/8/2023 23:03, Patrik Forsberg via radiator wrote:
>
> Hey 😊
>
> So, if I understand this correctly, I can combine “NoDefault” with
> “Blacklist” ?
>
> If so.. will it block the user if “DEFAULT” is under evaluation ?
>
> The function of “Default” will never be of use for me anyway so if I
> can simply disable this functionality and then be able to check for
> the username DEFAULT instead that is perfect..
>
> ---
>
> Best Regards,
>
> Patrik
>
> *From:*Hugh Irvine <hugh at radiatorsoftware.com>
> *Sent:* Tuesday, August 22, 2023 12:33 PM
> *To:* Patrik Forsberg <patrik.forsberg at globalconnect.se>;
> radiator at lists.open.com.au
> *Subject:* Re: [RADIATOR] Blacklist issue
>
> Hey Patrik -
>
> Very good to hear from old friends!
>
> As it happens, this is very much by design.
>
> Radiator has a "special" user called DEFAULT as described in the manual:
>
> *3.32.13. NoDefault *
>
> Normally if Radiator searches for a user in the database and either
> does not find one, or finds one but the users check items fail,
> Radiator will then consult the DEFAULT user entry. However, if the
> NoDefault parameter is set, Radiator will never look for a DEFAULT.
>
> *3.32.14. NoDefaultIfFound *
>
> Normally if Radiator searches for a user in the database and finds
> one, but the users check items fail, Radiator will then consult the
> DEFAULT user entry. However, if the NoDefaultIfFound parameter is set,
> Radiator will only look for a DEFAULT if there were no entries found
> in the user database for the user.
>
> My suggestion is don't use it as you are trying to do.
>
> cheers from Oz
>
> Hugh
>
> On 22/8/2023 17:38, Patrik Forsberg via radiator wrote:
>
> Hello,
>
> I’m using the ”blacklist” knob in an authby to reject people I
> don’t like 😝
>
> I had an issue this weekend where the user “DEFAULT” was added to
> the list of users, for some reason, and after that no one could
> login anymore.
>
> After deleting this user all went back to normal again ..
>
> Question.. is this a by design feature or bug/flaw ?
>
> Seems a bit odd that I can’t reject a user by the name “DEFAULT”
> in a blacklist 😊
>
> The AuthBy is an AuthBy SQL so the list of users is in an mariadb
> table.
>
> The authby looks like this (username/password and so forth replaced)
>
> “
>
> <AuthBy SQL>
>
> Identifier AuthenticateSQLBlacklist
>
> DBSource
> dbi:MariaDB:database=db;host=host;port=3306
> <MariaDB:database=db;host=host;port=3306>
>
> DBUsername dbuser
>
> DBAuth dbauth
>
> UsernameMatchesWithoutRealm
>
> AuthSelect SELECT NULL FROM `blacklist` WHERE BINARY
> `username` = ?
>
> AuthSelectParam %0
>
> AuthColumnDef 0, User-Password, check
>
> Blacklist
>
> </AuthBy>
>
> “
>
> ---
>
> Best Regards,
>
> Patrik
>
>
>
> _______________________________________________
>
> radiator mailing list
>
> radiator at lists.open.com.au
>
> https://lists.open.com.au/mailman/listinfo/radiator
>
>
> _______________________________________________
> radiator mailing list
> radiator at lists.open.com.au
> https://lists.open.com.au/mailman/listinfo/radiator
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20230823/d0ed372c/attachment-0001.html>
More information about the radiator
mailing list