PacketFence - BTS - PacketFence | |||||
| View Issue Details | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0001421 | PacketFence | core | public | 2012-04-11 12:16 | 2015-02-13 15:35 |
| Reporter | obilodeau | ||||
| Assigned To | |||||
| Priority | high | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | open | ||
| Platform | OS | OS Version | |||
| Product Version | |||||
| Target Version | 3.6.1 | Fixed in Version | |||
| fixed in git revision | |||||
| fixed in mtn revision | |||||
| Summary | 0001421: roles support doesn't handle re-assignment properly yet | ||||
| Description | Due to time constraints, this is a remaining issue of our feature/roles-experiment branch (https://github.com/inverse-inc/packetfence/pull/7 [^]). Basically, if a node changes category but the access re-evaluation returns the same VLAN as the node is currently set to, no deauthentication will take place. This will affect users with few production VLANs and relying on roles instead to do access control. Possible workarounds include: asking users to disconnect / reconnect (or reboot) when re-categorized, changing one line in the code to force deauthentication under certain circumstances or changing VLAN ids in switches.conf and setting proper end-point VLAN in the role on the controller. We could probably come up with other workarounds too if we think about it a little bit more. Will be fixed in next release. | ||||
| Steps To Reproduce | 1. Use roles-based access control 2. Have several categories of users which end-up in the same VLAN 3. Change an active node's category 4. access re-evaluation is performed, VLAN is compared, should be in same VLAN (but in a different role now) Exected result: User deauthentication, new RADIUS Access-Request from user then new role assignment. Actual result: Since locationlog's vlan matches the VLAN that the user should be in no action is performed. | ||||
| Additional Information | |||||
| Tags | No tags attached. | ||||
| Relationships | |||||
| Attached Files | |||||
| Issue History | |||||
| Date Modified | Username | Field | Change | ||
| 2012-04-11 12:16 | obilodeau | New Issue | |||
| 2012-04-11 12:16 | obilodeau | Status | new => assigned | ||
| 2012-04-11 12:16 | obilodeau | Assigned To | => obilodeau | ||
| 2012-04-11 12:43 | obilodeau | Note Added: 0002642 | |||
| 2012-10-26 16:04 | fgaudreault | Assigned To | obilodeau => | ||
| 2012-10-26 16:04 | fgaudreault | Target Version | general => 3.6.1 | ||
| 2015-02-13 15:35 | lmunro | Note Added: 0003737 | |||
| 2015-02-13 15:35 | lmunro | Status | assigned => closed | ||
| Notes | |||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||