Opened 10 years ago
Closed 10 years ago
#1907 closed enhancement (fixed)
Make it possible to login with external authentication for the root user
| Reported by: | Nicklas Nordborg | Owned by: | everyone |
|---|---|---|---|
| Priority: | major | Milestone: | BASE 3.5 |
| Component: | core | Version: | |
| Keywords: | Cc: |
Description
Currently, login attempts to root account will never be passed on to external authentication. This was a safety measure to ensure that it is possible to login and make configuration changes in case there is a problem with the external authentication. However, it is also a weakness since the most powerful account is always only protected by a password. Since external authentication is probably used to increase security this should also apply to the root user.
In order to solve the issue with a non-working external authentication, an administrator should instead log in to the server (eg. via ssh) and then:
- Stop the Tomcat server
- Remove the JAR file responsible for external authentication from the plug-ins directory
- Re-start the Tomcat server
Note:
See TracTickets
for help on using tickets.
(In [6685]) Fixes #1907: Make it possible to login with external authentication for the root user
No special treatment for the root user when logging in.