If a user comes to the site and their account is created via siteminder, an entry is created in the siteminder table that maps the Drupal uid to the siteminder identifier.
If a Drupal admin deletes the user that was created, that entry is left in the database. Now, if that user comes back, they receive an access denied because siteminder finds the id in its list, but can't load the user.
Ultimately, this is actually a job for the authmap table, which was designed specifically for the purpose of linking Drupal users to external authentication systems. My suggestion is to switch to using the authmap table and let Drupal clean up the data in it when the user is deleted.
Initially, since switching to using the authmap table would require a reasonable rewrite of code, we simply need the following code:
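```php
/**
 * Implementation of hook_user().
 */
function siteminder_user($op, $edit, $user) {
  switch ($op) {
    case 'delete':
      // Remove the uid-to-siteminder mapping so a deleted account leaves no orphaned row.
      db_query("delete from {siteminder} where uid=%d", $user->uid);
      break;
  }
}
```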
I'll get a patch in for this later too.
| Comment | File | Size | Author |
|---|---|---|---|
| #3 | siteminder-missing_hook_user-802750.patch | 581 bytes | elstudio |
| #1 | missing_hook_user.patch | 673 bytes | netw3rker |
Comments
Comment #1
netw3rker commented
As promised, here's the patch that adds the siteminder_user() hook to clean up the siteminder table.
(This might work a little funky since I removed the changes from the patch created via the other issue.)
Lemme know how it works!
Comment #2
Ian Ward commented
Chris, makes sense to add this. The patch just needs to use capitals on the reserved words in the SQL, like DELETE instead of delete. Feel free to apply it w/ those changes.
Comment #3
elstudio commented
Here's a patch for the D7 branch that does this -- using Drupal 7's hook_user_delete instead.
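The delete hook only covers accounts removed after it is installed; rows already orphaned by earlier deletions would still trigger the access denied described in the issue. The following is an added example, not part of either attached patch: a Drupal 6 update function for a siteminder.install file that clears those leftover rows. The update number 6001 is hypothetical, and the only column assumed in the siteminder table is the uid column used in the issue's own query.

```php
<?php
/**
 * Implementation of hook_update_N().
 *
 * Removes siteminder mappings whose Drupal account no longer exists.
 * The update number (6001) is a hypothetical placeholder.
 */
function siteminder_update_6001() {
  $ret = array();

  // Count mappings that point at a uid with no matching row in {users}.
  $orphans = db_result(db_query(
    "SELECT COUNT(*) FROM {siteminder} s
     LEFT JOIN {users} u ON u.uid = s.uid
     WHERE u.uid IS NULL"
  ));

  if ($orphans > 0) {
    // Delete the orphaned mappings so a returning user is treated as new
    // instead of matching a mapping whose account cannot be loaded.
    $ret[] = update_sql(
      "DELETE FROM {siteminder} WHERE uid NOT IN (SELECT uid FROM {users})"
    );

    // Leave an audit trail: removing identity mappings is security-relevant.
    watchdog(
      'siteminder',
      'Removed @count orphaned siteminder mapping(s) for deleted accounts.',
      array('@count' => $orphans),
      WATCHDOG_NOTICE
    );
  }

  return $ret;
}
```

Running the SELECT on its own first shows how many returning users are currently affected before anything is deleted.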