Block password-based login for certain users

In !59673 (merged) we added the possibility to change password by group SAML users.

However, we also found out that there are no checks during login if user are allowed to use password-based login.

To make functionality from mentioned MR fully working, we need to protect two entry-points for password-based login: logging in through UI and logging in using git over http.

changed milestone to %13.12

added authorization groupauthentication and authorization [DEPRECATED] saml labels

mentioned in merge request !60912 (merged)

mentioned in issue #300191 (closed)

Setting label(s) devopsmanage sectiondev based on ~"group::access".

added devopsmanage sectiondev labels

changed milestone to %14.0

added missed:13.12 label

changed milestone to %14.1

added missed:14.0 label

changed milestone to %14.2

added missed:14.1 label

added security label

@mksionek Can you estimate the weight on this issue?

Also, it looks like it is moving from milestone to milestone, but I don't think that you are actively working on it (maybe my assumption is wrong). Should I move this back to %Backlog ?

Thanks @ogolowinski for spotlighting this. It was solved here: !60912 (merged) and this issue should be resolved. We can close this issue.

Changed milestone and closed this issue

added to epic &4786

closed

changed milestone to %13.12