Accepts null as extern_uid with Shibboleth OmniAuth
Created by: Aethylred
We had an issue with the SP not requesting HTTP_EPPN correctly when authenticating users, this meant some users were logging in with a null extern_uid
May 25, 2015 17:49: (OAuth) saving user [email protected] from logi
n with extern_uid => [email protected]
June 03, 2015 11:22: (OAuth) saving user [email protected] from login wi
th extern_uid =>
June 03, 2015 11:35: (OAuth) saving user [email protected] from login with extern_uid =>
June 03, 2015 11:37: (OAuth) saving user [email protected] from login with extern_uid =>
June 03, 2015 14:42: (OAuth) saving user [email protected] from login with extern_uid =>
June 03, 2015 15:20: (OAuth) saving user [email protected] from login with extern_uid => [email protected]This meant users Y and Z had the same null extern_uid and kept logging in and getting the same 'identity'
The expected outcome was that users with a null extern_uid would be rejected as unauthorized.