Description of problem: External Auth - SAML - Disabling local logins via appliance console, doesn't invalidate defualt admin session. If the default admin user is logged in, and you then disable local logins via the appliance console, the session for the admin user is not expired. Version-Release number of selected component (if applicable): 5.6.4.2, 5.7.2, 5.8.0 How reproducible: Steps to Reproduce: 1. Configure SAML, leave "disable local logins" unchecked 2. Log in with default DB user of Admin 3. Change "disable local Logins" to true either via web ui console or appliance_console. 4. Admin user session in step 2 is still active. Actual results: Admin user session is still active Expected results: Admin user session should be expired as it's a local login that should be disabled. Additional info:
Still valid in 5.8.3.2
Disable/Enable Local Logins implies and only affects future logins. The wording could be updated to include the word "future" but that seems unnecessary. Invalidating existing sessions, although possible the technically accurate thing to do given the current wording would be unnecessary complicated for the given result. Closing WONTFIX.