Podręcznik:$wgAllowSecuritySensitiveOperationIfCannotReauthenticate

From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page Manual:$wgAllowSecuritySensitiveOperationIfCannotReauthenticate and the translation is 14% complete.

Other languages:
English • ‎magyar • ‎polski • ‎русский • ‎日本語
Identyfikacja: $wgAllowSecuritySensitiveOperationIfCannotReauthenticate
Whether to allow security-sensitive operations when reauthentication is not possible
Wprowadzono w wersji:1.27.0 (Gerrit change 195297; git #d245bd25)
Usunięto w wersji:nadal w użyciu
Dozwolone wartości:(associative array of operation => true or false. A default key must always be provided.)
Domyślna wartość:[ 'default' => true ]
Inne ustawienia: Alfabetycznie | Według funkcji

Normally when the user attempts a security-sensitive operation (such as a password or email address change) and the last login was more than $wgReauthenticateTime seconds ago, MediaWiki sends them through the login page again. When the user is authenticating via an immutable session (such as OAuth; more generally, those provided by a SessionProvider which returns false for canChangeUser()), login is not possible. This configuration setting decides whether the user is allowed to perform the operation in such a case.