Jump to content

Manual:$wgAllowSecuritySensitiveOperationIfCannotReauthenticate

From mediawiki.org
This page is a translated version of the page Manual:$wgAllowSecuritySensitiveOperationIfCannotReauthenticate and the translation is 57% complete.
認証: $wgAllowSecuritySensitiveOperationIfCannotReauthenticate
再認証が不可能な場合に機密性の高いセキュリティ操作を許可するかどうか
導入されたバージョン:1.27.0 (Gerrit change 195297; git #d245bd25)
除去されたバージョン:使用中
許容される値:(操作 => true または false の連想配列。 default キーは必ず指定してください。)
既定値:[ 'default' => true, ]

Normally when the user attempts a security-sensitive operation (such as a password or email address change) and the last login was more than $wgReauthenticateTime seconds ago, MediaWiki sends them through the login page again. When the user is authenticating via an immutable session (such as OAuth; more generally, those provided by a SessionProvider which returns false for canChangeUser()), login is not possible. This configuration setting decides whether the user is allowed to perform the operation in such a case.