eubyte opened a new issue, #37100: URL: https://github.com/apache/superset/issues/37100
### Bug description

For LDAP/OAuth authentication to work, AUTH_USER_REGISTRATION must be set to True (in superset_config.py) in order to allow syncing of Superset DB with LDAP/OAuth provider. However, 'AUTH_USER_REGISTRATION = True' also enables registration path on Superset UI (registration button, etc.). This is a potential security hole, and there are numerous use cases where this is HIGHLY undesirable. Open/public registration should be optional and disabled by default for any type of authentication, including LDAP/OAuth.

### Screenshots/recordings

_No response_

### Superset version

master / latest-dev

### Python version

3.9

### Node version

16

### Browser

Chrome

### Additional context

_No response_

### Checklist

- [ ] I have searched Superset docs and Slack and didn't find a solution to my problem.
- [ ] I have searched the GitHub issue tracker and didn't find a similar bug report.
- [ ] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section.

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.
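
A deployment check for the setting this issue describes, added here as an example (not code from Superset or from the reporter): it reads a `superset_config.py` without executing it and flags `AUTH_USER_REGISTRATION = True` together with the role newly created accounts receive. The sample config, the function names and the set of roles treated as privileged are assumptions.

```python
import ast

# Constructed sample config for illustration; not taken from the issue.
SAMPLE_CONFIG = """
from flask_appbuilder.security.manager import AUTH_LDAP
AUTH_TYPE = AUTH_LDAP
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Admin"
"""

EXTERNAL_AUTH = {"AUTH_LDAP", "AUTH_OAUTH"}
# Assumption: roles this check treats as too broad for auto-created accounts.
PRIVILEGED_ROLES = {"Admin", "Alpha"}


def read_settings(source):
    """Collect top-level NAME = literal/NAME assignments without running the file."""
    settings = {}
    for node in ast.parse(source).body:
        if not (isinstance(node, ast.Assign) and len(node.targets) == 1):
            continue
        target, value = node.targets[0], node.value
        if not isinstance(target, ast.Name):
            continue
        if isinstance(value, ast.Constant):
            settings[target.id] = value.value
        elif isinstance(value, ast.Name):
            settings[target.id] = value.id  # symbolic constant such as AUTH_LDAP
    return settings


def audit(source):
    """Return review findings for a config that turns user registration on."""
    cfg = read_settings(source)
    if cfg.get("AUTH_USER_REGISTRATION") is not True:
        return []
    findings = []
    auth_type = cfg.get("AUTH_TYPE", "<unset>")
    if auth_type in EXTERNAL_AUTH:
        findings.append(f"AUTH_USER_REGISTRATION=True with {auth_type}: "
                        "verify the UI registration path is not exposed")
    else:
        findings.append(f"AUTH_USER_REGISTRATION=True with AUTH_TYPE={auth_type}")
    role = cfg.get("AUTH_USER_REGISTRATION_ROLE")
    if role is None:
        findings.append("AUTH_USER_REGISTRATION_ROLE not set here: "
                        "check which role new accounts receive")
    elif role in PRIVILEGED_ROLES:
        findings.append(f"new accounts receive privileged role {role!r}")
    return findings
```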
