Password Auth enabling itself (and then not allowing admin to disable it)

I’ve a self-hosted Redash v5 instance that I’ve upgraded to v7. It uses LDAP for auth and so has REDASH_PASSWORD_LOGIN_ENABLED=false set in the environment.

After upgrading to v7 I note that I’m unable to change this setting in the Settings page (checkbox is greyed out), but that if I enable ‘Enable experimental multiple owners support’ then ‘Password Login Enabled’ also gets ticked. After that there’s no way to untick it in the UI as the checkbox is still greyed out (but now ticked!).

Only way I can find to then disable password auth is to manually alter the settings field in the organizations table within the Redash postgreSQL DB.

This seems to be due to ./client/app/pages/settings/organization.js containing:

this.disablePasswordLoginToggle = () => (clientConfig.googleLoginEnabled || this.settings.auth_saml_enabled) === false;

… it doesn’t have any reference to LDAP.

/me digs through the python, although at present I’m not sure I understand what’s in settings.init vs settings.organization

I’m also experiencing this. I have LDAP enabled, and password login disabled via REDASH_PASSWORD_LOGIN_ENABLED=false, but it still shows the regular password login on the main login page. @Jakdaw Were you able to get the login page to only show a login prompt for LDAP?

I disabled it manually with psql altering the JSON value in the ‘organizations’ table.

I see the fix to the UI was merged 2 days ago (thanks @gabrieldutra!); so we should see it in the next Redash release: