Posted to notifications@shenyu.apache.org by "li-keguo (via GitHub)" <gi...@apache.org> on 2023/05/02 13:22:49 UTC

[GitHub] [shenyu] li-keguo opened a new issue, #4602: [Task] Super admin user password security

li-keguo opened a new issue, #4602:
URL: https://github.com/apache/shenyu/issues/4602

   ### Description
   
   
   ### precondition
   
   shenyu-admin provides configuration for user-defined super administrators, which are accounts with some special privileges and are also initialization users. After a user configures super administrator privileges, those permissions cannot be assigned to other users through roles. This feature is enabled by default.
   
   We believe it is necessary to protect the security of super admin users. For this reason, there are some features to ensure the security of super administrator users, especially password management.
   
   ```yaml
     dashboard:
       core:
         enableOnlySuperAdminPermission: true
         enablePrintApiLog: true
         onlySuperAdminPermission:
           - system:manager:add
           - system:manager:edit
           - system:manager:delete
           - system:role:add
           - system:role:edit
           - system:role:delete
           - system:resource:addButton
           - system:resource:addMenu
           - system:resource:editButton
           - system:resource:editMenu
           - system:resource:deleteButton
           - system:resource:deleteMenu
           # You can customize the action of adding special permissions
   ```
   ### Demand characteristics
   
   We need the user to change the initialization password.
   We need to remind users to change their passwords regularly.
   We need to ensure that user passwords are somewhat complex.
   
   Of course, these requirements are not mandatory; they can be set by setting the switch, but we need to ensure that the default security is safe.
   
   
   ### Task List
   
   1. Support super administrator user to forcibly change the password for the first login, and the backend only prevents the use of special privilege functions
   
   2. Super administrator users must be required to change their passwords if they have not changed their passwords for a long time when using their special privileges
   3. Users need to be reminded to change their initial password or passwords that have not been changed for a long time
   4. Added password complexity verification when creating users.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org
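
One way the four tasks in the issue above could fit together, as an added example that is not part of the original issue and is not ShenYu code: a stale or initial password blocks only the permissions listed under onlySuperAdminPermission and produces a reminder everywhere else. All class, field and method names, the 90-day age limit and the complexity rule are assumptions; whether the account holds the permission at all remains a separate authorization check.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Set;
// Added illustration, not ShenYu code; every name below is hypothetical.
public class SuperAdminPasswordGate {
    enum Decision { ALLOW, REMIND, MUST_CHANGE_PASSWORD }
    // lastPasswordChange == null means the initial password is still in use.
    record Account(String name, boolean superAdmin, Instant lastPasswordChange) {}

    // Part of the onlySuperAdminPermission list from the YAML in the issue.
    static final Set<String> SUPER_ADMIN_ONLY = Set.of(
            "system:manager:add", "system:manager:edit", "system:manager:delete",
            "system:role:add", "system:role:edit", "system:role:delete");

    static final Duration MAX_AGE = Duration.ofDays(90); // assumed; the issue names no period

    static boolean stale(Account a, Instant now) {
        return a.lastPasswordChange() == null
                || Duration.between(a.lastPasswordChange(), now).compareTo(MAX_AGE) > 0;
    }

    // Tasks 1-3: refuse only the special-privilege actions, remind on everything else.
    static Decision check(Account a, String permission, Instant now) {
        if (!stale(a, now)) return Decision.ALLOW;
        boolean special = a.superAdmin() && SUPER_ADMIN_ONLY.contains(permission);
        return special ? Decision.MUST_CHANGE_PASSWORD : Decision.REMIND;
    }

    // Task 4 (assumed rule): at least 12 characters drawn from 3 of 4 character classes.
    static boolean complexEnough(String pw) {
        if (pw == null || pw.length() < 12) return false;
        int classes = 0;
        if (pw.chars().anyMatch(Character::isLowerCase)) classes++;
        if (pw.chars().anyMatch(Character::isUpperCase)) classes++;
        if (pw.chars().anyMatch(Character::isDigit)) classes++;
        if (pw.chars().anyMatch(c -> !Character.isLetterOrDigit(c))) classes++;
        return classes >= 3;
    }

    public static void main(String[] args) {
        Instant now = Instant.parse("2023-05-02T13:22:49Z"); // constructed sample data
        Account initial = new Account("admin", true, null);
        Account rotated = new Account("admin", true, now.minus(Duration.ofDays(10)));
        System.out.println(check(initial, "system:role:add", now));
        System.out.println(check(initial, "example:read", now)); // constructed permission
        System.out.println(check(rotated, "system:role:add", now));
        System.out.println(complexEnough("Sh3nyu-gateway!"));
    }
}
```

Records require Java 16 or later.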


[GitHub] [shenyu] yu199195 closed issue #4602: [Task] Super admin user password security

Posted by "yu199195 (via GitHub)" <gi...@apache.org>.
yu199195 closed issue #4602: [Task] Super admin user password security
URL: https://github.com/apache/shenyu/issues/4602




[GitHub] [shenyu] li-keguo closed issue #4602: [Task] Super admin user password security

Posted by "li-keguo (via GitHub)" <gi...@apache.org>.
li-keguo closed issue #4602: [Task] Super admin user password security
URL: https://github.com/apache/shenyu/issues/4602

