Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

SSO Name element forced to be unique

edited September 2010 in Vanilla 2.0 - 2.8
I have a SSO implementation where SyncScreen is set to false. Users flow from my application to the forum, but when a user's name is the same as another user in the vanilla database, the user is not initialised correctly. I can understand why this may have occurred in the past, however with an external authenticator I do not think that the forum should force unique attributes beyond UniqueID.

The most intuitive solution I believe would be to amend the UserModel::Synchronize method to either not validate these details if only used for SSO, or more generally to include a 'forceUnique' parameter defaulting to true/false.

Comments

Sign In or Register to comment.