@mstenz opened this Issue on May 3rd 2022

Expected Behavior

There is no input form for password received (because the user does not know/have a password)

Current Behavior

A popup is showing that request the user got given his password, which he doesn't know.

Possible Solution

see "Expected Behaviour"

Steps to Reproduce (for Bugs)

  1. got to the admin panel with a user that has logged in via SSO
  2. go to System -> Users
  3. choose a user that is not a superuser
  4. enable superuser access (the popup appears)

Your Environment

Matomo Version 4.9.0
PHP version >= 7.2.5 8.0.12
PHP_OS Linux

@sgiehl commented on May 3rd 2022 Member

Hi @mstenz
Which plugin are you using for SSO access? Are you using the SAML plugin or LoginLDAP plugin?

@mstenz commented on May 3rd 2022

@sgiehl Hi, I am using LoginOIDC, because it authenticates with Gitlab

@sgiehl commented on May 9th 2022 Member

Iirc we had similar issues with LoginLdap, but can't remember if there was a solution for that. Maybe @tsteur or @diosmosis know?

@tsteur commented on May 9th 2022 Member

@sgiehl had a quick search in the LoginLdap Issues. There was this PR: https://github.com/matomo-org/plugin-LoginLdap/pull/185 maybe it's that? I couldn't find anything else

@miton18 commented on May 18th 2022

Same issue here with LoginOIDC plugin
https://github.com/matomo-org/matomo/issues/19235

@miton18 commented on June 13th 2022

Do you know when the prioritization will occur ?

@bat79a commented on June 20th 2022

+1 ;p

@miton18 commented on July 4th 2022

up ;-)

@justinvelluppillai commented on July 5th 2022 Member

Adding to current milestone.

@sgiehl commented on July 14th 2022 Member

@mstenz @miton18 With #19525 we will most likely introduce a new event, which can then be used to disabled the password confirmation for certain users in UI and API. Login plugins will then need to implement this event.

@mstenz commented on July 14th 2022

perfect, thank you

This Issue was closed on July 25th 2022
Powered by GitHub Issue Mirror