Bug #11616
closedAPI tokens are not evaluated indepently of LDAP credentials
Description
Hi,
we just had some issue with our backed LDAP servers.
They're timing out on request, which also makes the Rudder UI login hang until finally there is a reply.
So far, so good.
The BAD thing we noticed is that API token based connections are blocked at the same time.
It seems that something in the spring (?) security module blocks for both authentication models if one is unavailiable.
This makes no sense considering the API tokens are not bound to users.
Nor do they even use an external authentication source at all.
Could you please check this and, if at all possible, untangle the two!?
Its one thing if user logon is blocked, but the machine-machine-interface should be available.
I was told (unverified) that it threw a 404 on the API in the end, that should be looked at.