GitLab now enforces expiry dates on tokens that originally had no set expiration date. Those tokens were given an expiration date of one year later. Please review your personal access tokens, project access tokens, and group access tokens to ensure you are aware of upcoming expirations. Administrators of GitLab can find more information on how to identify and mitigate interruption in our documentation.

cri_auth: update unsynced Kerberos password on login

When a user log in, we should check if any one of its associated Kerberos Principal need to have its password updated and perform the update when necessary.

The simplest way of achieving this is to add an out_of_date field to our KerberosPrincipal model. The verification can take place by overriding CRIUser.check_password()

Edited May 05, 2019 by Marin Hannache

Admin message

cri_auth: update unsynced Kerberos password on login