Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Won't Fix
Priority: Critical
Fix Version/s: COmanage Registry 0.9 (Essential Enneagon)
Affects Version/s: COmanage Registry 0.8.5 (Omnipotent Octagon Strikes Back)
Component/s: Registry, Registry Plugins
Labels:
None
Environment:
Debian 7 MySql

Description

Created a petition for a new member. Did not approve - CO person still at 'pending approval.' Went to edit the CO person, hit 'autogenerate identifiers'. Identifiers were created, provisioning plugins invoked, and principals in provisioned systems created. CO person still at pending approval.

Seems like a big security hole.

Should the 'autogenerate' be disabled until approved? Or Should the provisioning plugins not be invoked, by ID still generated? I think I favor the later as it could be a chance for approver to tweek the ID before provisioning.

Attachments

Activity

People

Assignee:: Benn Oshrin (internet2.edu)

Reporter:: Michael Manske (ligo.org)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 18/Mar/14 4:23 PM

Updated:: 08/Jul/14 2:44 AM

Resolved:: 08/Jul/14 2:44 AM