summaryrefslogtreecommitdiffstats
path: root/src/providers/ipa/ipa_auth.c
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2013-06-24 12:51:53 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-06-24 15:17:20 +0200
commit0535ad2bee920be5c07ee207903c2196eb19c02f (patch)
tree151849e2c692867ecc01f7a5727a9659ba79e1c1 /src/providers/ipa/ipa_auth.c
parent3438815242464a963c0d3a70f16579723a20b52d (diff)
downloadsssd-0535ad2bee920be5c07ee207903c2196eb19c02f.tar.gz
sssd-0535ad2bee920be5c07ee207903c2196eb19c02f.tar.xz
sssd-0535ad2bee920be5c07ee207903c2196eb19c02f.zip
PAC: do not delete originalDN or cached password if present
If the PAC responder recognizes some attribute changes between the cached user entry and the PAC data it quite crudely just removes the cached entry and recreates it. While in most cases all needed data can be recovered from the PAC data there is a case where it is not possible. E.g the IPA HBAC code use the OriginalDN attribute to improve performance when evaluating access rules. This patch makes sure this attribute is not lost when the PAC responder updates the object.
Diffstat (limited to 'src/providers/ipa/ipa_auth.c')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2024-11-12 12:50:44 +0000