If a user has an account with a local Drupal login.
Then separately creates an SSO account on your IdP.
And usernames match.

The user_external_load() function will fail and they will find themselves hitting user_external_login_register() with an existing username with no authmap entry.
This will trigger a registration attempt for an existing user and error out the site with an integrity constraint, just for them, as nearly WSOD.

This violation did not exist in D6, and actually registered a new user on top of the old user with the same username.

The authmap creation discussed here #1280930: Create authmap entries for pre-existing Drupal users is highly related.

Comments

doublejosh’s picture

doublejosh commented

One solution is to give all users an authmap for simpleSAMLphp_auth.
Creating an admin options over here: http://drupal.org/node/1280930#comment-6124932

colan’s picture

colan
he/him
Primary language English
Location Toronto 🇨🇦
commented
Status: Active » Closed (duplicate)

Marking this as a duplicate of that one. When that's resolved, it'll fix this.