blob: 69b70dbbd29c839edd0043b40a1ed68bc6518f39 (
plain)
1
2
3
4
5
6
7
8
9
10
11
|
---
security:
- The admin_token method of authentication was never intended to be
used for any purpose other than bootstrapping an install. However
many deployments had to leave the admin_token method enabled due
to restrictions on editing the paste file used to configure the
web pipelines. To minimize the risk from this mechanism, the
`admin_token` configuration value now defaults to a python `None`
value. In addition, if the value is set to `None`, either explicitly or
implicitly, the `admin_token` will not be enabled, and an attempt to
use it will lead to a failed authentication.
|
