Product SiteDocumentation Site

5.21. Authentication

5.21.1. Global authentication parameters

$g_login_method
Specifies which method will be used to authenticate. It should be one of the following values (defaults to MD5):
  • MD5 - user's password is stored as a hash in the database
  • LDAP - authenticates against an LDAP (or Active Directory) server
  • BASIC_AUTH
  • HTTP_AUTH
In addition, the following deprecated values are supported for backwards-compatibility, and should no longer be used:
  • PLAIN - password is stored in plain, unencrypted text in the database
  • CRYPT
  • CRYPT_FULL_SALT
Note: you may not be able to easily switch encryption methods, so this should be carefully chosen at install time. However, MantisBT will attempt to "fall back" to older methods if possible.
$g_reauthentication
Determines whether MantisBT will require the user to re-authenticate before granting access to the Admin areas after timeout expiration. Defaults to ON
$g_reauthentication_expiry
Duration of the reauthentication timeout, in seconds. Defaults to 5 minutes.