12 lines
626 B
YAML
12 lines
626 B
YAML
---
|
|
security:
|
|
- The admin_token method of authentication was never intended to be
|
|
used for any purpose other than bootstrapping an install. However
|
|
many deployments had to leave the admin_token method enabled due
|
|
to restrictions on editing the paste file used to configure the
|
|
web pipelines. To minimize the risk from this mechanism, the
|
|
`admin_token` configuration value now defaults to a python `None`
|
|
value. In addition, if the value is set to `None`, either explicitly or
|
|
implicitly, the `admin_token` will not be enabled, and an attempt to
|
|
use it will lead to a failed authentication.
|