We've encountered some unexpected behaviour when a user attempts to sign in with an expired XNAT LDAP account (expired on the XNAT side).
When Require Email Verification is set to False/Not Required (Administer > Site Administration > Manage Access > Registration Options) if a user attempts to sign in with their LDAP credentials but the associated XNAT account is expired, they receive the error "Your login attempt failed because the username and password combination you provided was invalid or your user already has the maximum number of user sessions open. etc.". However if Require Email Verification is set to True/Required, when the user attempts to sign in with their LDAP credentials they are taken to the PostRegister.vm page, saying Registration Received etc.
We have tested this on XNAT 1.7.6, and 188.8.131.52, with the LDAP Plugin being the only Plugin installed. Is this the expected behaviour?
We have a custom plugin that changes some of the text on the PostRegister.vm page to explain how their XNAT LDAP account has expired, but also we have the Require Email Verification set to False, so the users never reach this page.
This scenario needs to be detected so that it doesn't treat a valid login the same way as a failed login. It would be useful to compare against the same workflow but with OpenID instead of LDAP.