I have deployed nginx-ldap-auth with nginx-ingress controller on GKE. I have enabled group validation. When a valid username that is a member of the group is provided, password field can be left empty. This is a security issue and can grant access to anyone who knows a valid username.
I have deployed
nginx-ldap-auth
withnginx-ingress
controller on GKE. I have enabled group validation. When a valid username that is a member of the group is provided, password field can be left empty. This is a security issue and can grant access to anyone who knows a valid username.