Authentication: ensure no-403 setting is check each time access needs to be forbidden (!249) · Merge requests · BC / public / flexisip

GitLab now enforces expiry dates on tokens that originally had no set expiration date. Those tokens were given an expiration date of one year later. Please review your personal access tokens, project access tokens, and group access tokens to ensure you are aware of upcoming expirations. Administrators of GitLab can find more information on how to identify and mitigate interruption in our documentation.

Merged François Grisez requested to merge fix/no403_policy into release/2.0 Dec 02, 2019

Furthermore, this commit avoid “500 internal error” response while chalenge making when no algorithm fetched from database has been allowed in settings. A challenge for each allowed algorithms is made instead.

Admin message

Authentication: ensure no-403 setting is check each time access needs to be forbidden

Merge request reports