Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-10466

Prevent anonymous user from being disabled

    XMLWordPrintableJSON

Details

    • Wish
    • Status: In Progress
    • Major
    • Resolution: Unresolved
    • None
    • None
    • core, security
    • None

    Description

      today all users except the admin can be disabled preventing it from login. however, this is not sensible for the anonymous user. if anonymous access should not be possible it is recommended to use the corresponding configuration option that doesn't install the anonymous user in the first place.

      for full backwards compatibility we should have consider placing this behind a configuration option such that consumers can opt out (and still disable the anonymous) if they really want.

      Attachments

        Issue Links

          Activity

            People

              amoratinos Alejandro Moratinos
              angela Angela Schreiber
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: