Disable Password Login, so it's not visible at login screen

[andyprv]

once the LDAP Stuff works ...

• How to disable the Password Login or
• How to set LDAP Logon to default ?

[xet7]

You see all Wekan new version changes at ChangeLog.

For disabling password login, in future there will be setting in docker-compose.yml like this:

- PASSWORD_LOGIN_ENABLED=false

And similar for snap etc. This is not added to Wekan yet.

[xet7]

When something is added to Wekan, that issue is closed with link to code or some comment that feature has been added or bug fixed.

[andyprv]

thanx

[xet7]

https://github.com/wekan/wekan/pull/2065 remove login dropdown, and adds setting DEFAULT_AUTHENTICATION_METHOD=ldap or sudo snap set wekan default-authentication-method='ldap'. This will be in upcoming Wekan v1.95

[richardest]

@xet7 after snap set wekan default-authentication-method='ldap', login page is still displayed "Password". wekan version: v2.06.0

[xet7]

@richardest

Yes, it was reverted because login with password did not work: https://github.com/wekan/wekan/blob/devel/CHANGELOG.md#v196-2018-12-24-wekan-release

[andyprv]

maybe its possible to change the default to "LDPA Login" on the Dropdown field .. as temporary workaround ....

[KrunalDholakiya]

Hi @xet7, for ldap login what all parameters we need to set in docker file? can you please help me with it.

[xet7]

@KrunalDholakiya

https://github.com/wekan/wekan/wiki/LDAP

[lamoquette]

Hello, Do we have any news about disabling login/password after ldap is enabled? Is there an environment variable to do this?

[xet7]

@lamoquette

In Admin Panel it's possible to:

• Disable Self-registration
• Set default authentication method to LDAP
• Hide authentication method selection

With these set, is there any need for disabling password login?

[lamoquette]

I would like to remove this part for the needs of the company where I work, and keep only the "sign in with oidc" button

[xet7]

@lamoquette

First Wekan user is Admin. In Admin Panel / People, click some other user's Edit, and change permission to Admin.

[lamoquette]

Ok so, I managed to edit my account as an admin, I have access to the admin panel and I did the requested manipulations.

However, I arrive at this result:

Only the dropdown has disappeared

[xet7]

Yes, disabling password login is not implemented yet.

If someone thinks having this option is urgent, they can sponsor developing this feature with 50 euro at https://wekan.team/commercial-support/ , so I will then implement this in near future.

[njpaul]

@lamoquette

In Admin Panel it's possible to:

* Disable Self-registration

* Set default authentication method to LDAP

* Hide authentication method selection

With these set, is there any need for disabling password login?

These instructions worked for me, but I also had to set LDAP_LOGIN_FALLBACK=true in my docker-compose file. I also have DEFAULT_AUTHENTICATION_METHOD=ldap specified. Without this set, I was unable to login with my LDAP password, but I was able to login with the password I used for registration.

If I re-enabled the authentication method selection, I was able to login with my LDAP password again. It acted like the default authentication method was being set to "password" whenever the method selection was hidden.

[kasparpalgi]

@lamoquette These instructions worked for me, but I also had to set LDAP_LOGIN_FALLBACK=true in my docker-compose file. I also have DEFAULT_AUTHENTICATION_METHOD=ldap specified. Without this set, I was unable to login with my LDAP password, but I was able to login with the password I used for registration.

How do do it on snap?

[xet7]

@crewnew

Snap has same settings like docker-compose.yml at https://github.com/wekan/wekan .

You see snap commands at server bash:

wekan.help | less

If Docker has this setting:

LDAP_LOGIN_FALLBACK=true

Then in Snap, it's same, but with lowercase letters, minus and single quotes:

sudo snap set wekan ldap-login-fallback='true'

Actual Wekan Snap help file source is here: https://github.com/wekan/wekan/blob/master/snap-src/bin/wekan-help

[walster001]

Yes, disabling password login is not implemented yet.

If someone thinks having this option is urgent, they can sponsor developing this feature with 50 euro at https://wekan.team/commercial-support/ , so I will then implement this in near future.

Greetings @xet7, I'd assume from this comment that the bounty for this has not been paid? Our team is interested in potentially paying this bounty to have this implemented in the form of a toggle option (potentially under Admin Panel -> Settings -> Registration) to simply remove the username/password login and solely have the "Login with OIDC" button on the login screen as @lamoquette mentioned earlier.

Just checking this is still something we could pay to have implemented? Kind Regards, Matthew.

[walster001]

Example, for our particular use case (login button renamed appropriately).

[xet7]

@walster001

That feature already exists. I added docs here:

https://github.com/wekan/wekan/wiki/Disable-Password-Login

[walster001]

Thankyou Lauri! @xet7 Grateful, I must've missed this. Have set that snap key and now all is well.