Skip to content

Document 01N71 and 00N72 for Linked users #189

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 15, 2024
Merged

Document 01N71 and 00N72 for Linked users #189

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c72df33
Document 01N71 and 00N72 for Linked users
renetapopova Oct 14, 2024
6db891a
update 01N71 details
renetapopova Oct 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
152 changes: 136 additions & 16 deletions modules/ROOT/pages/notifications/all-notifications.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2787,21 +2787,33 @@ Use `DATABASE *` without the parameter to revoke the privilege on all databases.
.Notification details
[cols="<1s,<4"]
|===
|Code
|Neo4j code
m|Neo.ClientNotification.Security.AuthProviderNotDefined
|Title
a|The auth provider is not defined.
|Description
a|The auth provider `<provider>` is not defined in the configuration.
Verify that the spelling is correct or define `<provider>` in the configuration.
|Severity
m|INFORMATION
a|The auth provider `$provider` is not defined in the configuration.
Verify that the spelling is correct or define `$provider` in the configuration.
|Category
m|SECURITY
|GQLSTATUS code
m|00N72
|Status description
a|note: successful completion - undefined auth provider.
The auth provider { $auth } is not defined in the configuration.
Verify that the spelling is correct or define { $auth } in the configuration.
|Classification
m|SECURITY
|SeverityLevel
m|INFORMATION
|===


.Create a user with an auth provider that is not defined in the configuration
====
[.tabbed-example]
=====
[.include-with-neo4j-code]
======
Command::
+
[source, cypher]
Expand All @@ -2816,10 +2828,35 @@ Verify that the spelling is correct or define `unknownProvider` in the configura
Suggestions for improvement::
Make sure that the given provider is correct, or replace it if not.
If it is correct, make sure to add it as a known auth provider in one or both of `dbms.security.authentication_providers` and `dbms.security.authorization_providers`.
====
======
[.include-with-GQLSTATUS-code]
======
Command::
+
[source, cypher]
----
CREATE USER foo SET AUTH 'unknownProvider' { SET ID 'idString' }
----

Returned GQLSTATUS code::
00N72

Returned status description::
note: successful completion - undefined auth provider.
The auth provider `unknownProvider` is not defined in the configuration.
Verify that the spelling is correct or define `unknownProvider` in the configuration.

Suggestions for improvement::
Make sure that the given provider is correct, or replace it if not.
If it is correct, make sure to add it as a known auth provider in one or both of `dbms.security.authentication_providers` and `dbms.security.authorization_providers`.
======
=====

.Alter a user to add an auth provider that is not defined in the configuration
====
[.tabbed-example]
=====
[.include-with-neo4j-code]
======
Command::
+
[source, cypher]
Expand All @@ -2834,28 +2871,62 @@ Verify that the spelling is correct or define `unknownProvider` in the configura
Suggestions for improvement::
Make sure that the given provider is correct, or replace it if not.
If it is correct, make sure to add it as a known auth provider in one or both of `dbms.security.authentication_providers` and `dbms.security.authorization_providers`.
====
======

[.include-with-GQLSTATUS-code]
======
Command::
+
[source, cypher]
----
ALTER USER foo SET AUTH 'unknownProvider' { SET ID 'idString' }
----

Returned GQLSTATUS code::
00N72

Returned status description::
note: successful completion - undefined auth provider.
The auth provider `unknownProvider` is not defined in the configuration.
Verify that the spelling is correct or define `unknownProvider` in the configuration.

Suggestions for improvement::
Make sure that the given provider is correct, or replace it if not.
If it is correct, make sure to add it as a known auth provider in one or both of `dbms.security.authentication_providers` and `dbms.security.authorization_providers`.
======
=====


[#_neo_clientnotification_security_externalauthnotenabled]
=== ExternalAuthNotEnabled

.Notification details
[cols="<1s,<4"]
|===
|Code
|Neo4j code
m|Neo.ClientNotification.Security.ExternalAuthNotEnabled
|Title
a|External auth for user is not enabled.
|Description
a|Use setting `dbms.security.require_local_user` to enable external auth.
|Severity
m|WARNING
|Category
m|SECURITY
|GQLSTATUS code
m|01N71
|Status description
|warn: external auth disabled.
Use the setting 'dbms.security.require_local_user' to enable external auth.
|Classification
m|SECURITY
|SeverityLevel
m|WARNING
|===

.Create a user with an external auth provider when linked users are not enabled
====
[.tabbed-example]
=====
[.include-with-neo4j-code]
======
Command::
+
[source, cypher]
Expand All @@ -2866,10 +2937,35 @@ CREATE USER foo SET AUTH 'exampleProvider' { SET ID 'idString' }
Suggestions for improvement::
Enable linked users through the `dbms.security.require_local_user` setting.
Until enabled, the new external auth will be ignored, and current external auth behaviors will continue to apply.
====
======
[.include-with-GQLSTATUS-code]
======
Command::
+
[source, cypher]
----
CREATE USER foo SET AUTH 'exampleProvider' { SET ID 'idString' }
----

Returned GQLSTATUS code::
01N71

Returned status description::
warn: external auth disabled.
Use the setting 'dbms.security.require_local_user' to enable external auth.

Suggestions for improvement::
Enable linked users through the `dbms.security.require_local_user` setting.
Until enabled, the new external auth will be ignored, and current external auth behaviors will continue to apply.

======
=====

.Alter a user to add an external auth provider when linked users are not enabled
====
[.tabbed-example]
=====
[.include-with-neo4j-code]
======
Command::
+
[source, cypher]
Expand All @@ -2880,7 +2976,31 @@ ALTER USER foo SET AUTH 'exampleProvider' { SET ID 'idString' }
Suggestions for improvement::
Enable linked users through the `dbms.security.require_local_user` setting.
Until enabled, the new external auth will be ignored, and current external auth behaviors will continue to apply.
====
======

[.include-with-GQLSTATUS-code]
======
Command::
+
[source, cypher]
----
ALTER USER foo SET AUTH 'exampleProvider' { SET ID 'idString' }
----

Returned GQLSTATUS code::
01N71

Returned status description::
warn: external auth disabled.
Use the setting 'dbms.security.require_local_user' to enable external auth.

Suggestions for improvement::
Enable linked users through the `dbms.security.require_local_user` setting.
Until enabled, the new external auth will be ignored, and current external auth behaviors will continue to apply.

======
=====


[#_topology_notifications]
== `TOPOLOGY` category
Expand Down