Internal auth instance cannot be disabled
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Mahara |
Triaged
|
Low
|
Unassigned | ||
Bug Description
When another authentication instance is used on a site (e.g. saml, ldap, etc.), it would be nice to be able to disable Internal auth (the standard password-based one) and not show the login form at all.
However, it's not possible because the Internal auth instance is used for two things:
- as the auth instance for the fake "root" account
- as the auth instance for deleted user accounts
Perhaps we could solve this by making the authinstance column of the usr table nullable and using a null value for the above two cases. However null values can be tricky and this could lead to more problems.
Alternatively, we could create a new auth type of "Denied" which would be the exact opposite of the "None" institution: it would never let users with that authinstance login no matter what.
| Mahara Bot (dev-mahara) wrote A change has been merged | #1 |
Reviewed: https:/
Committed: http://
Submitter: Francois Marier (<email address hidden>)
Branch: master
commit 86738f26b43a04b
Author: Francois Marier <email address hidden>
Date: Fri Dec 16 15:13:40 2011 +1300
Make the basic login form optional
By default the login form is needed by every auth plugin however
they can now override this and state that it's not needed.
If there are no usabled/enabled auth plugins that need the standard
username/
Note that until bug 904620 is fixed, you cannot remove the Internal
auth plugin (which needs the basic form elements) without a bit of
database surgery.
Bug #905081
Change-Id: If2bc7510a93e3a
Signed-off-by: Francois Marier <email address hidden>