[TASK] Fixed links to issues in Changelog
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Documentation / Changelog / master / Important-94312-RemovedBEloginSecurityLevelAndFEloginSecurityLevelOptions.rst
1 .. include:: ../../Includes.txt
2
3 ===================================================================================
4 Important: #94312 - Removed BE/loginSecurityLevel and FE/loginSecurityLevel options
5 ===================================================================================
6
7 See :issue:`94312`
8
9 Description
10 ===========
11
12 The `FE/loginSecurityLevel` and `BE/loginSecurityLevel` options were used to
13 define the security level of the backend and frontend login. Since dropping
14 the two possibilities `challenged` and `superchallenged` in v7, `rsa` and
15 `normal` were the only two valid values left.
16
17 The `rsa` value however also became more or less obsolete, after dropping
18 `EXT:rsaauth` from core in :issue:`87470`. Setting `rsa` therefore only had
19 effect in case the standalone `friendsoftypo3/rsaauth` extension was installed.
20
21 Finally, with :issue:`94279` also the support for the standalone
22 `friendsoftypo3/rsaauth` was abandoned, making the `loginSecurityLevel`
23 option superfluous, as `normal` was left as the only valid option.
24
25 Therefore, both options `FE/loginSecurityLevel` and `BE/loginSecurityLevel`
26 have been removed. As a result and to follow our backwards-compatibility promise,
27 all authentication services will still receive the `$passwordTransmissionStrategy`
28 argument in their :php:`processLoginData()` method, which however will now
29 always be `normal`.
30
31 Impact
32 ======
33
34 The options have been removed from the TYPO3's default configuration.
35 When those options have been set in your :php:`LocalConfiguration.php`
36 or :php:`AdditionalConfiguration.php` files, they are automatically
37 removed when accessing the Install Tool or System Maintenance area.
38
39 .. index:: LocalConfiguration, ext:core