Add the ability to remove user sign in field

[K4pper]

NetBox version

v3.4.4

Feature type

New functionality

Proposed functionality

Netbox has the ability to use multiple SSO providers, but there is no way to completely disable the login form even if there are no local users on the Netbox instance.

Example:

This could pose an unnecessary way for attackers to brute force the application by spamming the login field, especially if the Netbox instance is run in the cloud.

Use case

By adding an option to disable the login form and only having the option to login using an SSO provider would decrease the attack surface for a malicious entity.

Database changes

N/A

External dependencies

N/A

[proudbro]

I propose not to remove the authorization form, just simply hide it and leave available

[jeremystretch]

What happens when the login form is disabled and the SSO provider becomes unavailable?

[K4pper]

What happens when the login form is disabled and the SSO provider becomes unavailable?

Just to clarify i am not proposing to have the login form hidden or removed automatically when SSO is configured.
What i am proposing is a setting, that you would manually enable to hide the login form.

Our instance of Netbox has no local users, so if the SSO provider goes down we wouldn't be able to access Netbox anyway. If the worst case scenario happens we would still be able to connect to the netbox instance and create a temporary local user.

Hope this answers the question (:

[jeremystretch]

What i am proposing is a setting, that you would manually enable to hide the login form.

That doesn't address my concern. Should SSO become unavailable, no one will be able to authenticate to NetBox until an administrator logins into the server itself to make the configuration change and restart the service.

IMO "hiding" the local login form behind a dropdown or similar widget would be the preferred approach.

[SystemFiles]

Hi @jeremystretch , I understand your concern and I agree that it could lock users out, but I also feel this is a risk that can be evaluated by users themselves. I think the ability to enable/disable the regular login field should be possible. This would be done at users discretion. In my opinion, your concerns can be addressed primarily by using sane defaults.

[Kerwood]

I agree.
You should be able to disable the login form. The risk should be evaluated by the user.
We don't have any local users either on our instance and if our identity provider is down, we've got bigger issues than not being able to login to Netbox.
Or you can always just enable the login form again if needed, in the settings.

Also it would stop annoying brute force attacks.

[jeremystretch]

What is your justification for removing the login form entirely as opposed to hiding it?

[Kerwood]

Unnecessary and annoying brute force attacks on the login form.

[jeremystretch]

It being unnecessary for you is not reason enough to preclude making it available for someone else. And there are plenty of other best practices one can follow to mitigate brute force attacks.

[Kerwood]

What is your justification for not letting the user make the decision if the login form should be showed or not ?

[jeremystretch]

As I've said, ensuring that the local login form is always available ensures that a backup authentication path exists in the event the remote authentication provided becomes inaccessible.

[Kerwood]

As I've said, ensuring that the local login form is always available ensures that a backup authentication path exists in the event the remote authentication provided becomes inaccessible.

I am not sure we are on the same page here...
No one is proposing that the login form should be automatically removed if SSO is enabled. The login form can be available by default, just as it is now. No one will know the difference.
We just want the option to disable it in the settings.

[ssza]

In my opinion the local login form should always be available, but in the case of SSO enabled, it should be hidden behind a dropdown menu