Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-18135

Unable to determine priviliges given to LDAP users

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.13.0
    • Fix Version/s: None
    • Component/s: LDAP, UI
    • Labels:

      Description

      In Nexus 3 it is not possible to see which permissions have been granted to individual LDAP user.

      Pre-Conditions

      • LDAP connection is seup

      Reproduction Steps

      1. Navigate to admin > security > users
      2. Select Source = "LDAP"
      3. enter and ldap user in the field "Filter for user id"
      4. Doubleclick user
      5. Assign a role e.g. ng-admin and save changes

      Expected Result

      1. Under Manage Users I would see the individual users and the roles that have been assigned directly
      2. In de respective role under admin > security > roles (e.g. nx-admin) I would see which users have been assigned the role

      Actual Result

      1. Only local users are shown
      2. There are on individual users shown

      This is a huge security risk as one might not see or be aware of individual users who have to much permission (e.g. nx-admin role)

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              papanito Papanito
              Last Updated By:
              Peter Lynch Peter Lynch
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Date of First Response:

                  tigCommentSecurity.panel-title