mirror of
https://github.com/pgadmin-org/pgadmin4.git
synced 2024-12-22 15:13:42 -06:00
Revert "Disable the master password requirement when using alternative authentication sources. Fixes #7012"
This reverts commit 0c823455a0
.
This commit is contained in:
parent
ab8e9a8ea5
commit
faff8d1fb3
@ -1,33 +0,0 @@
|
||||
.. _alternate_encryption_key:
|
||||
|
||||
**********************************
|
||||
`Alternate Encryption Key`:index:
|
||||
**********************************
|
||||
|
||||
pgAdmin would use the alternate encryption key to secure and later unlock the saved server
|
||||
passwords if the master password is disabled AND there is NO suitable key/password available
|
||||
from the authentication module for the user in server mode.
|
||||
|
||||
When pgAdmin stores a connection password,
|
||||
it encrypts it using a key that is formed either from the master password, or
|
||||
from the pgAdmin login password for the user. In the case of authentication methods
|
||||
such as OAuth, Kerberos or Webserver, pgAdmin doesn't have access to anything long-lived to
|
||||
form the encryption key from, hence it uses the master password and if master password
|
||||
is disabled pgAdmin would use the alternate encryption key, if it is set.
|
||||
|
||||
|
||||
.. note:: You can set the alternate encryption key by setting the configuration
|
||||
parameter *ALTERNATE_ENCRYPTION_KEY=<Key>*.
|
||||
See :ref:`config_py` for more information on configuration parameters and how
|
||||
they can be changed or enforced across an organisation.
|
||||
|
||||
.. note:: If the master password and the alternate encryption key is disabled,
|
||||
then all the saved passwords will be removed.
|
||||
|
||||
|
||||
.. warning:: By setting this option, you should be fully aware of the potential security
|
||||
risk of using the same encryption key for multiple users, that may be accessible to
|
||||
sysadmins who would not normally be able to use pgAdmin.
|
||||
|
||||
It is **not recommended** that you use the alternate encryption key instead of master password
|
||||
if you use the *Save Password* option.
|
@ -38,13 +38,6 @@ It is set by the user and can be disabled using config.
|
||||
|
||||
master_password
|
||||
|
||||
The Alternate Encryption Key is used to secure and later unlock saved server passwords.
|
||||
It is **not recommended** to use the alternate encryption key.
|
||||
|
||||
.. toctree::
|
||||
|
||||
alternate_encryption_key
|
||||
|
||||
After defining a server connection, right-click on the server name, and select
|
||||
*Connect to server* to authenticate with the server, and start using pgAdmin to
|
||||
manage objects that reside on the server.
|
||||
|
@ -5,9 +5,7 @@
|
||||
************************
|
||||
|
||||
A master password is required to secure and later unlock the saved server
|
||||
passwords. This is applicable for desktop mode users and for the auth methods
|
||||
such as OAuth, Kerberos or Webserver where pgAdmin doesn't have access to anything
|
||||
long-lived to form the encryption key.
|
||||
passwords. This is applicable only for desktop mode users.
|
||||
|
||||
* You are prompted to enter the master password when you open the window for
|
||||
the first time after starting the application.
|
||||
@ -25,15 +23,15 @@ long-lived to form the encryption key.
|
||||
See :ref:`config_py` for more information on configuration parameters and how
|
||||
they can be changed or enforced across an organisation.
|
||||
|
||||
.. note:: If the master password and :ref:`alternate_encryption_key` is disabled,
|
||||
then all the saved passwords will be removed.
|
||||
.. note:: If the master password is disabled, then all the saved passwords will
|
||||
be removed.
|
||||
|
||||
.. warning:: If the master password is disabled, then the saved passwords will
|
||||
be encrypted using the :ref:`alternate_encryption_key` or a key which is derived
|
||||
from information within the configuration database. Use of a master password
|
||||
ensures that the encryption key does not need to be stored anywhere, and thus
|
||||
prevents possible access to server credentials if the configuration database
|
||||
becomes available to an attacker.
|
||||
be encrypted using a key which is derived from information within the
|
||||
configuration database. Use of a master password ensures that the encryption
|
||||
key does not need to be stored anywhere, and thus prevents possible access
|
||||
to server credentials if the configuration database becomes available to an
|
||||
attacker.
|
||||
|
||||
It is **strongly** recommended that you use the master password if you use
|
||||
the *Save Password* option.
|
||||
|
@ -12,7 +12,6 @@ New features
|
||||
| `Issue #3253 <https://redmine.postgresql.org/issues/3253>`_ - Added status bar to the Query Tool.
|
||||
| `Issue #3989 <https://redmine.postgresql.org/issues/3989>`_ - Ensure that row numbers should be visible in view when scrolling horizontally.
|
||||
| `Issue #6830 <https://redmine.postgresql.org/issues/6830>`_ - Relocate GIS Viewer Button to the Left Side of the Results Table.
|
||||
| `Issue #7012 <https://redmine.postgresql.org/issues/7012>`_ - Disable the master password requirement when using alternative authentication sources.
|
||||
| `Issue #7282 <https://redmine.postgresql.org/issues/7282>`_ - Added options 'Ignore owner' and 'Ignore whitespace' to the schema diff panel.
|
||||
| `Issue #7325 <https://redmine.postgresql.org/issues/7325>`_ - Added support for Azure AD OAUTH2 authentication.
|
||||
|
||||
|
@ -553,27 +553,6 @@ ALLOW_SAVE_TUNNEL_PASSWORD = False
|
||||
##########################################################################
|
||||
MASTER_PASSWORD_REQUIRED = True
|
||||
|
||||
##########################################################################
|
||||
# When pgAdmin stores a connection password,
|
||||
# it encrypts it using a key that is formed either from the master password, or
|
||||
# from the pgAdmin login password for the user.
|
||||
#
|
||||
# In the case of auth methods such as OAuth or Kerberos, pgAdmin
|
||||
# doesn't have access to anything long-lived to form the encryption key from,
|
||||
# hence it uses the master password.
|
||||
|
||||
# So, pgAdmin would use this alternate encryption key if
|
||||
# a) the master password is disabled
|
||||
# AND
|
||||
# b) there is NO suitable key/pass available from the auth module for the user.
|
||||
|
||||
# By setting this option, you should fully aware of the potential security
|
||||
# risk of using the same encryption key for multiple users,
|
||||
# that may be accessible to sysadmins who would not normally
|
||||
# be able to use pgAdmin.
|
||||
##########################################################################
|
||||
ALTERNATE_ENCRYPTION_KEY = None
|
||||
|
||||
##########################################################################
|
||||
# Allows pgAdmin4 to create session cookies based on IP address, so even
|
||||
# if a cookie is stolen, the attacker will not be able to connect to the
|
||||
|
@ -706,8 +706,7 @@ def index():
|
||||
auth_source = session['auth_source_manager'][
|
||||
'source_friendly_name']
|
||||
|
||||
if not config.MASTER_PASSWORD_REQUIRED and 'pass_enc_key' in session\
|
||||
and not config.ALTERNATE_ENCRYPTION_KEY:
|
||||
if not config.MASTER_PASSWORD_REQUIRED and 'pass_enc_key' in session:
|
||||
session['allow_save_password'] = False
|
||||
|
||||
response = Response(render_template(
|
||||
|
@ -33,9 +33,6 @@ def get_crypt_key():
|
||||
elif config.MASTER_PASSWORD_REQUIRED \
|
||||
and enc_key is None:
|
||||
return False, None
|
||||
elif not config.MASTER_PASSWORD_REQUIRED and config.SERVER_MODE and \
|
||||
config.ALTERNATE_ENCRYPTION_KEY:
|
||||
return True, config.ALTERNATE_ENCRYPTION_KEY
|
||||
elif not config.MASTER_PASSWORD_REQUIRED and config.SERVER_MODE and \
|
||||
'pass_enc_key' in session:
|
||||
return True, session['pass_enc_key']
|
||||
|
Loading…
Reference in New Issue
Block a user