Opened 6 years ago

Closed 6 years ago

#1907 closed enhancement (fixed)

Make it possible to login with external authentication for the root user

Reported by: Nicklas Nordborg Owned by: everyone
Priority: major Milestone: BASE 3.5
Component: core Version:
Keywords: Cc:

Description

Currently, login attempts to root account will never be passed on to external authentication. This was a safety measure to ensure that it is possible to login and make configuration changes in case there is a problem with the external authentication. However, it is also a weakness since the most powerful account is always only protected by a password. Since external authentication is probably used to increase security this should also apply to the root user.

In order to solve the issue with a non-working external authentication, an administrator should instead log in to the server (eg. via ssh) and then:

  1. Stop the Tomcat server
  2. Remove the JAR file responsible for external authentication from the plug-ins directory
  3. Re-start the Tomcat server

Change History (1)

comment:1 Changed 6 years ago by Nicklas Nordborg

Resolution: fixed
Status: newclosed

(In [6685]) Fixes #1907: Make it possible to login with external authentication for the root user

No special treatment for the root user when logging in.

Note: See TracTickets for help on using tickets.