habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sources/kerberos: add kiprop to ignored system principals (cherry-pick #11852) (#11853)

Browse Source 
sources/kerberos: add kiprop to ignored system principals (#11852)

Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
This commit is contained in:
gcp-cherry-pick-bot[bot]
2024-10-29 17:31:32 +01:00
committed by GitHub
parent 3775e5b84f
commit 8c547589f6
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
blueprints/system/sources-kerberos.yaml
View File

@ -38,7 +38,7 @@ entries:
name: "authentik default Kerberos User Mapping: Ignore system principals"
expression: |
localpart, realm = principal.rsplit("@", 1)
denied_prefixes = ["kadmin/", "krbtgt/", "K/M", "WELLKNOWN/"]
denied_prefixes = ["kadmin/", "krbtgt/", "K/M", "WELLKNOWN/", "kiprop/", "changepw/"]
for prefix in denied_prefixes:
if localpart.lower().startswith(prefix.lower()):
raise SkipObject