2014-07-05 02:53:43 +02:00
|
|
|
# 3.1.7
|
|
|
|
|
2014-10-06 05:01:33 +02:00
|
|
|
## Upgrading
|
|
|
|
|
|
|
|
### Authentication
|
|
|
|
|
|
|
|
3.1.7 introduces a re-authentication feature, which allows user working in the CMS to quickly re-enter their password
|
|
|
|
and continue working should their session expire. This occurs through a popup dialog, which asks the user for their
|
|
|
|
current password to continue working.
|
|
|
|
|
|
|
|
If using a custom `[api:Authenticator]` class to replace the default MemberAuthenticator, then by default this feature
|
|
|
|
will be disabled. If multiple authenticators are used, only supported ones will be available within the CMS.
|
|
|
|
|
|
|
|
In order to create a CMS supported version the `Authenticator::supports_cms` and `Authenticator::get_cms_login_form`
|
|
|
|
methods should be overridden. See `[api:MemberAuthenticator]` for an example implementation.
|
|
|
|
|
|
|
|
Check the documentation at the [Authentication](/topics/authentication) topic.
|
|
|
|
|
|
|
|
### Default Admin
|
|
|
|
|
|
|
|
In this version the way that the default admin user is managed is slightly changed. Rather than defaulting to the first
|
|
|
|
administrator user in the CMS, a user logging in as a default admin will always be assigned to a "Default Admin"
|
|
|
|
user with admin privileges. In the past, this user would only be created if no other administrators existed.
|
|
|
|
|
2014-07-05 02:53:43 +02:00
|
|
|
## Security
|
|
|
|
|
|
|
|
* 2014-07-05 [c247dd5](https://github.com/silverstripe/silverstripe-framework/commit/c247dd5) Add default $lock_out_after_incorrect_logins value [SS-2014-016].
|