Github user karuturi commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/755#discussion_r38513021 --- Diff: server/src/com/cloud/user/AccountManagerImpl.java --- @@ -2145,14 +2145,10 @@ private UserAccount getUserAccount(String username, String password, Long domain s_logger.debug("Attempting to log in user: " + username + " in domain " + domainId); } UserAccount userAccount = _userAccountDao.getUserAccount(username, domainId); - if (userAccount == null) { - s_logger.warn("Unable to find an user with username " + username + " in domain " + domainId); - return null; - } boolean authenticated = false; HashSet<ActionOnFailedAuthentication> actionsOnFailedAuthenticaion = new HashSet<ActionOnFailedAuthentication>(); - User.Source userSource = userAccount.getSource(); + User.Source userSource = userAccount != null ? userAccount.getSource(): User.Source.UNKNOWN; --- End diff -- I checked that after the discussion yesterday. Every authenticator checks if a user exists in cloudstack. That responsibility is with the authenticator. In the earlier case, if the user doesnt exist, it throws a NPE on line 2155 which is a recent change. Prior to that change, any cloud provider can write an authenticator which always returns true even when cloudstack account doesnt exist. But, will break in lot of other places with NPEs as the rest of the app assumes logged in user has an account in cloudstack db. I think that needs to be fixed so that anyone can plugin their own user management system without using native cloudstack users.
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---