Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-112653

Design how to handle unprovisioned users in configured IdP

    Details

    • Spike Type:
      Technical
    • Sprint:
      Iteration 38, Iteration 39, Iteration 40, Iteration 41, Iteration 42, Iteration 43, Iteration 44, Iteration 45, AppSec Iteration 51, AppSec Iteration 52, AppSec Iteration 53, AppSec Iteration 54, AppSec Iteration 55, AppSec Iteration 56, AppSec Iteration 57, AppSec Iteration 58, AppSec Iteration 59, AppSec Iteration 60, AppSec Iteration 61, AppSec Iteration 62, AppSec Iteration 63, AppSec Iteration 64, AppSec Iteration 65

      Description

      1. Define what unprovisioned may mean on IdP side.
      2. How the users become unprovisioned. Is there a standard protocol specification for this we can leverage?
      3. What the possibilities are to implement this.
      4. How to remove users from the SP if they are removed from IdP?
      5. Should the SP user be deactivated only, to prevent a new user being created in future with same "identity"?
      6. What should happen to portal (SP) models/assets owned by an unprovisioned user?
      7. What if a SP user exists on multiple connected IdPs? Is it fine that its unprovisioning from one IdP only should cause the user to be removed on the SP?
      8. Right now it is a user choice which connected IdP the SP user authenticates with. Do we need to change this to bind SP users to specific IdPs?
      9. What about privacy aspects?

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              stian.sigvartsen Stian Sigvartsen
              Reporter:
              zsigmond.rab Zsigmond Rab
              Engineering Assignee:
              SE Support
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:

                  Packages

                  Version Package