-
Bug
-
Resolution: Fixed
-
Minor
-
3.9.3, 3.10, 3.11, 4.0
-
MOODLE_310_STABLE, MOODLE_311_STABLE, MOODLE_39_STABLE, MOODLE_400_STABLE
-
MOODLE_310_STABLE, MOODLE_39_STABLE
-
MDL-70424-auth-avoid-changes -
This issue is a continuation of MDL-64865. The previous issue add tracks to the auth disabling but it did not offer a solution to the root of the problem.
Summary
To reproduce the issue:
- As an admin, go to /admin/category.php?category=authsettings .
- Enable an extra authentication plugin (say) - "LDAP server".
- Review mdl_config table, notice that row with name="auth" will contain the value "email,ldap".
- Remove from the code directory auth/ldap.
- As a non logged user (e.g. use another browser) open the login page login/index.php
- Notice that "LDAP server" authentication was quietly (no trace of disabling it anywhere) removed. To confirm, review mdl_config table, the "auth" row now just contains "email"
You can bring the auth/ldap directory back now - but that will not re-enable LDAP authentication plugin.
Story behind the issue
The behavior above creates a condition race when some work is done on the backend server (Moodle code is updated, moved, copied, etc). We have experienced that seemingly random disabling of the authentication plugins in our production systems. Each time there was no trace of why did this happen. And because it happened very rarely (we are talking about few times in the last 10 years) the issue was hard to pin-point. I suspect it was happening somewhere during our deployment process.
What next?
Some ideas:
- Don't ever disable the plugin.
- If we really should / need to disable it - then at least log it.
- has a non-specific relationship to
-
MDL-70766 Log changes to auth plugin settings in config log
- Closed
- is blocked by
-
MDL-64865 Add logging when auth config is automatically changed due to config/filesystem mismatch
- Closed
- will help resolve
-
MDL-70812 Fix root cause of random disabled auth plugins
- Closed