'Invalid accounts' and the backend redirection service

Yesterday I ran into an issue with an LDAP implementation. I didn’t create a Neos user for accounts that were created during authentication. This leads to an issue because Neos redirects you to your personal workspace after login, and does so by finding your workspace name based on the User model attached to the account. If it cannot find that user, it will redirect you to an empty URL. This then leads to a redirect loop with the login screen.

What would be a graceful way to handle this situation? Basically the account is authenticated but invalid. Neos will break (cannot store preferences, show name, and so on). Should we actively log out the session and give a warning on the login screen that the account is broken?

Open for suggestions :wink:

Basically something along the lines of:
The account you logged in with is not associated with a valid Neos backend user and therefore we cannot proceed to the backend…

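One way to handle the situation described above, as an added example that is not part of the original post and is not Neos code: the redirect step refuses an account with no backend user, ends the session and sends the browser back to the login screen with a warning, instead of producing an empty redirect target. `Account`, `Session`, the function names and the URLs are hypothetical stand-ins.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-ins, not Neos classes. workspaceName is null when no
// backend user is attached to the authenticated account.
final class Account
{
    public function __construct(
        public readonly string $identifier,
        public readonly ?string $workspaceName = null
    ) {}
}

final class Session
{
    public ?Account $account = null;
    public ?string $flashMessage = null;

    public function logout(): void { $this->account = null; }
}

/** Behaviour from the post: a missing user yields an empty redirect target. */
function naiveRedirectTarget(Session $s): string
{
    $name = $s->account?->workspaceName;
    return $name === null ? '' : '/backend/workspace/' . rawurlencode($name);
}

/** Guarded variant: fail closed instead of redirecting to nothing. */
function guardedRedirectTarget(Session $s): string
{
    $account = $s->account;
    if ($account !== null && $account->workspaceName !== null) {
        return '/backend/workspace/' . rawurlencode($account->workspaceName);
    }
    if ($account !== null) {
        // json_encode keeps control characters in the identifier out of the log.
        error_log('Login refused, no backend user for ' . json_encode($account->identifier));
        $s->logout(); // do not keep an authenticated but unusable session
        $s->flashMessage = 'This account is not associated with a valid backend user.';
    }
    return '/login';
}

// Constructed sample: an LDAP account created during authentication, no user.
$session = new Session();
$session->account = new Account('jdoe');
var_dump(naiveRedirectTarget($session), guardedRedirectTarget($session), $session->flashMessage);
```

Ending the session before the redirect is what breaks the loop: the login screen then sees an unauthenticated visitor and shows the warning rather than forwarding to the backend again.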