Re: [RADIATOR] Blacklist issue

[Hugh Irvine via radiator]

Hi Patrik -
You should build a little test rig in the lab and make sure that this 
will do what you expect.

cheers

Hugh


On 22/8/2023 23:03, Patrik Forsberg via radiator wrote:

Hey 😊

So, if I understand this correctly, I can combine “NoDefault” with 
“Blacklist” ?

If so.. will it block the user if “DEFAULT” is under evaluation ?

The function of “Default” will never be of use for me anyway so if I 
can simply disable this functionality and then be able to check for 
the username DEFAULT instead that is perfect..

---

Best Regards,

Patrik

*From:*Hugh Irvine <h...@radiatorsoftware.com>
*Sent:* Tuesday, August 22, 2023 12:33 PM
*To:* Patrik Forsberg <patrik.forsb...@globalconnect.se>; 
radiator@lists.open.com.au
*Subject:* Re: [RADIATOR] Blacklist issue

Hey Patrik -

Very good to hear from old friends!

As it happens, this is very much by design.

Radiator has a "special" user called DEFAULT as described in the manual:

*3.32.13. NoDefault *

Normally if Radiator searches for a user in the database and either 
does not find one, or finds one but the users check items fail, 
Radiator will then consult the DEFAULT user entry. However, if the 
NoDefault parameter is set, Radiator will never look for a DEFAULT.

*3.32.14. NoDefaultIfFound *

Normally if Radiator searches for a user in the database and finds 
one, but the users check items fail, Radiator will then consult the 
DEFAULT user entry. However, if the NoDefaultIfFound parameter is set, 
Radiator will only look for a DEFAULT if there were no entries found 
in the user database for the user.

My suggestion is don't use it as you are trying to do.

cheers from Oz

Hugh

On 22/8/2023 17:38, Patrik Forsberg via radiator wrote:

    Hello,

    I’m using the ”blacklist” knob in an authby to reject people I
    don’t like 😝

    I had an issue this weekend where the user “DEFAULT” was added to
    the list of users, for some reason, and after that no one could
    login anymore.

    After deleting this user all went back to normal again ..

    Question.. is this a by design feature or bug/flaw ?

    Seems a bit odd that I can’t reject a user by the name “DEFAULT”
    in a blacklist 😊

    The AuthBy is an AuthBy SQL so the list of users is in an mariadb
    table.

    The authby looks like this (username/password and so forth replaced)

    “

    <AuthBy SQL>

    Identifier              AuthenticateSQLBlacklist

    DBSource               
    dbi:MariaDB:database=db;host=host;port=3306
    <MariaDB:database=db;host=host;port=3306>

    DBUsername              dbuser

    DBAuth                  dbauth

    UsernameMatchesWithoutRealm

    AuthSelect              SELECT NULL FROM `blacklist` WHERE BINARY
    `username` = ?

    AuthSelectParam         %0

    AuthColumnDef 0, User-Password, check

    Blacklist

    </AuthBy>

    “

    ---

    Best Regards,

    Patrik



    _______________________________________________

    radiator mailing list

    radiator@lists.open.com.au

    https://lists.open.com.au/mailman/listinfo/radiator


_______________________________________________
radiator mailing list
radiator@lists.open.com.au
https://lists.open.com.au/mailman/listinfo/radiator_______________________________________________
radiator mailing list
radiator@lists.open.com.au
https://lists.open.com.au/mailman/listinfo/radiator