Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • lemonldap-ng lemonldap-ng
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 329
    • Issues 329
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 12
    • Merge requests 12
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • LemonLDAP NG
  • lemonldap-nglemonldap-ng
  • Issues
  • #2043

Closed
Open
Created Dec 17, 2019 by Clément OUDOT@clement_oudotOwner

Using session info in Combination rules

In version 1.9, I had a rule in Multi that used a session attribute to enable/disable a module in the stack. The use case was to dismiss Kerberos for generic accounts, so users need to enter their personal login/password on the login form.

The Multi rule was something like this:

Kerberos $employeeType !~ /generic/; LDAP

So the Kerberos authentication was done, the user was found but before the final authentication step the rule was evaluated (with the Safe cage) and returned false (because at the end the $employeeType was filled), so the Kerberos authentication was refused and Multi was then using LDAP to authenticate user.

How could we reproduce the same behavior in Combination? In Combination, we only have access to $env.

Assignee
Assign to
Time tracking