Please log in to subscribe to updates for this article
Last updated at Fri Aug 12 21:09, by lsproc
Table of contents
Technical details ⇑ top
Unique users and groups ⇑ topThe Bug Genie expects only one user to exist per username. If more than one is found, an error is shown stating that the password was rejected.
If you have a group restriction, if multiple groups exist per group name, that group name is ignored.
New sessions and session validation ⇑ topWhen logging in, the UID will be looked up using the control user. If the user is found, and a group restriction is set, we check to see if the user is allowed access, and if not, an error is shown. If the user is not found, an error is also shown.
If we are creating a new session, the user's password is checked by binding to the directory. If the bind is successful, we then either create a new user in TBG's user table, or update the existing one with the latest realname and email from the directory. Users are assigned a random password. If the user could not be found, an error occurs.
If we are validating an existing session, all of the above occurs but no bind is made. We instead move straight to the entry in the users table. If no entry exists, we return an error as the session is no longer valid, otherwise we update the entry as per before.