You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Group bindings are not working correctly for applications any longer. Only way for the policy to work is with "Negate result" on. With it on, all users can still login to it. To bypass for now I've had to use a policy binding for just my admin account.
To Reproduce
Reproduction assumes you have an admin account and a non-admin account as well as two different groups minimum.
Create application
create policy binding with group for "admins".
Try to log in and get Policy binding 'Binding from App #0 to Group Admins' returned result 'False'
Enable Negate result and now able to log in BUT now other accounts can now access application.
Expected behavior
Binding applications to a group policy should lock out groups that are not part of the policy. It is not working.
Logs
Permission denied
Explanation:
Policy binding 'Binding from App #0 to Group Friends' returned result 'False'
Policy binding 'Binding from App #0 to Group Admins' returned result 'False'
Version and Deployment (please complete the following information):
authentik version: 2024.4.2
Deployment: docker-compose
The text was updated successfully, but these errors were encountered:
Describe the bug
Group bindings are not working correctly for applications any longer. Only way for the policy to work is with "Negate result" on. With it on, all users can still login to it. To bypass for now I've had to use a policy binding for just my admin account.
To Reproduce
Reproduction assumes you have an admin account and a non-admin account as well as two different groups minimum.
Create application
create policy binding with group for "admins".
Try to log in and get
Policy binding 'Binding from App #0 to Group Admins' returned result 'False'
Enable
Negate result
and now able to log in BUT now other accounts can now access application.Expected behavior
Binding applications to a group policy should lock out groups that are not part of the policy. It is not working.
Logs
Version and Deployment (please complete the following information):
The text was updated successfully, but these errors were encountered: