Problem/Motivation
Enabling the "Automatically connect existing users" option in the settings might be problematic when used with a provider that doesn't sufficiently validate users' email addresses.
Steps to reproduce
n/a
Proposed resolution
Add a description to the "Automatically connect existing users" setting to inform the administrator about the implications of activating the option.
Add an error to the status report page when the option is activated to inform the administrator about a possibly insecure configuration.
Remaining tasks
* Port to 2.0.x
* D7 implementation in #3005824: Claiming existing Drupal account upon first OpenID authentication
User interface changes
* Status page message
* Status page error
* Details element on settings page with explanatory text for "Automatically connect existing users" checkbox
API changes
n/a
Data model changes
n/a
Issue fork openid_connect-3250979
Comments
Comment #3
sanduhrs
Comment #4
sanduhrs
Comment #5
jcnventura
Comment #8
jcnventura
Demoted the warning to a warning, not an error. Semantically, an error is something that is breaking the site functionality. This is a big warning, but still a warning.
Also, hook_requirements() should be in the .install file.
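
A sketch of the status report warning discussed in this issue, as an added example that is not the module's own code or the committed patch. The module name `mymodule`, the config object `mymodule.settings` and the key `connect_existing_users` are assumptions used for illustration.

```php
<?php

/**
 * @file
 * mymodule.install (hypothetical module name, added example).
 */

/**
 * Implements hook_requirements().
 */
function mymodule_requirements($phase) {
  $requirements = [];

  // Only report on the status page, not during install or update.
  if ($phase !== 'runtime') {
    return $requirements;
  }

  // Assumption: config object and key names are placeholders, not taken
  // from the module's schema.
  $auto_connect = \Drupal::config('mymodule.settings')
    ->get('connect_existing_users');

  if ($auto_connect) {
    $requirements['mymodule_connect_existing_users'] = [
      'title' => t('OpenID Connect: automatically connect existing users'),
      'value' => t('Enabled'),
      'description' => t('Existing accounts are connected to external logins by email address. Only enable this option with identity providers that verify the email addresses of their users.'),
      // A warning rather than an error: the site keeps working, but the
      // configuration needs the administrator's attention.
      'severity' => REQUIREMENT_WARNING,
    ];
  }

  return $requirements;
}
```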