Issue #3810: [RFE] Option to disable forms-based login for UI - freeipa

freeipa

#3810 [RFE] Option to disable forms-based login for UI

Opened 10 years ago by sbingram. Modified 7 years ago

The IPA UI originally required a Kerberos ticket-based login. Around the 3.0 release a forms-based login feature was added in order to accommodate users on devices that could not obtain a Kerberos ticket. For security reasons of not wanting to send credentials over even an encrypted connection, it would be nice to be able to disable the forms-based login feature and return to the original configuration requiring a Kerberos ticket to authenticate.

Petr Vobornik repors the following items are necessary to achieve this:

deny access to /ipa/session/login_password
create UI plugin to change Web UI unauthorized_dialog
deny access to /ipa/ui/login.html

dpal commented 10 years ago

Thank you for submitting this ticket. We do not have cycles to do it now, however this should not be a very hard feature to implement. Would you be open to try to implement it? We will definitely help and guide. Please let us know if you are up to the challenge.

Metadata Update from @sbingram:
- Issue assigned to someone
- Issue set to the milestone: Future Releases

7 years ago

Metadata

Assignee

someone

Tags

None

Blocking

None

Depending on

None

Priority

low

Milestone

Future Releases

None

affects_doc

None

source

None

knownissue

None

type

enhancement

blockedby

None

test_case

None

component

Web UI

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

todo

tester

None

changelog

None

design

None

freeipa

Source Code

#3810 [RFE] Option to disable forms-based login for UI Opened 10 years ago by sbingram. Modified 7 years ago

Close issue as:

Metadata

#3810 [RFE] Option to disable forms-based login for UI

Opened 10 years ago by sbingram. Modified 7 years ago