Expired XNAT LDAP Account Page

59 views
Skip to first unread message

Duncan Smith

unread,
Jul 21, 2021, 12:03:51 PM7/21/21
to xnat_discussion
Hi all,

We've encountered some unexpected behaviour when a user attempts to sign in with an expired XNAT LDAP account (expired on the XNAT side). 

When Require Email Verification is set to False/Not Required (Administer > Site Administration > Manage Access > Registration Options) if a user attempts to sign in with their LDAP credentials but the associated XNAT account is expired, they receive the error "Your login attempt failed because the username and password combination you provided was invalid or your user already has the maximum number of user sessions open. etc.". However if Require Email Verification is set to True/Required, when the user attempts to sign in with their LDAP credentials they are taken to the PostRegister.vm page, saying Registration Received etc.

We have tested this on XNAT 1.7.6, and 1.8.2.2, with the LDAP Plugin being the only Plugin installed. Is this the expected behaviour?

We have a custom plugin that changes some of the text on the PostRegister.vm page to explain how their XNAT LDAP account has expired, but also we have the Require Email Verification set to False, so the users never reach this page.

Thanks,

Duncan

Herrick, Rick

unread,
Jul 21, 2021, 12:24:43 PM7/21/21
to xnat_di...@googlegroups.com

That doesn’t sound great. I wouldn’t so much say that it’s the expected behavior, just that it’s the default behavior because we don’t handle it well.

 

What I’m saying is that that’s a bug, so I wrote it up in XNAT-6860. Thanks for the report and good description!

 

-- 

Rick Herrick

Sr. Programmer/Analyst

Neuroinformatics Research Group

Washington University School of Medicine

Phone: +1 (314) 273-1645

 

From: xnat_di...@googlegroups.com <xnat_di...@googlegroups.com> on behalf of Duncan Smith <duno...@gmail.com>
Date: Wednesday, July 21, 2021 at 11:03 AM
To: xnat_discussion <xnat_di...@googlegroups.com>
Subject: [XNAT Discussion] Expired XNAT LDAP Account Page

* External Email - Caution *

--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/xnat_discussion/69d2a961-5154-46e4-9bba-92084a0053d9n%40googlegroups.com.

 

The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.

Duncan Smith

unread,
Jul 22, 2021, 6:30:55 AM7/22/21
to xnat_discussion
Thanks for looking into this Rick, and the quick response.

Duncan
Reply all
Reply to author
Forward
0 new messages