Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-21692

Security configuration cannot be updated using custom authenticator or password.confirmation.disabled

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 3.4.8, 3.5
    • 3.4
    • None

      There are several ways to configure Confluence so that web-sudo (password-confirmation for admin options) is not available at all. See CONF-20958. In 3.4 (maybe 3.3 too) setting any of these options prevents saving the security configuration.

      When an admin tries to change the security configuration, they are always returned to the edit screen, and are given no feedback.

      There is a bug in the security config validation where it checks for valid values of the websudo options, even though none are submitted from the form and none are used.

      The worst part of this bug is that the validation is a field error, which would usually be displayed underneath the field with the error. Since the field is not displayed at all in this case, there is no feedback to the user about the validation problem at all.

            [CONFSERVER-21692] Security configuration cannot be updated using custom authenticator or password.confirmation.disabled

            No work has yet been logged on this issue.

              don.willis@atlassian.com Don Willis
              don.willis@atlassian.com Don Willis
              Affected customers:
              0 This affects my team
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: