the Redmine developers released version 5.0 some months ago and
updating to this version will have some effects on us. So, I would like
to open a thread to discuss these issues with you and how we deal with
Currently, we are on the 4.2 branch and it still gets security and bug
fixes, but I can't tell at which point they will stop supporting it.
We enabled the login over OpenID, which is implemented natively and not
integrated over a plugin. With version 5.0, support for that was
removed. I assume this is due to that the implementation is based on an
older OpenID standard and there are not many users of it anymore (TM).
The newer standard seems to be called "OpenID Connect", but it's not
supported by Redmine.
Also, we are using a plugin which allows the login over a Google
account. The compatibility of that plugin breaks with version 5.0.
The problem is that we have users for both and with version 5.0 they
won't be able to use these methods anymore.
However, I have an idea for a solution. I took a look at the Redmine
database and I played around with the Google login method. My tests
showed that it creates a normal user account, as it is done with the
registration, just with the little difference that no password is set
disabling the login over password. These accounts also have an user
name and an email address. As soon as I set a password, I was able to
login using the user name.
So, my idea is that we just go with these changes and affected users
use the functionality to reset their password, which means they will
have a "normal" user account then. In preparation to that version
update, we should disable these login methods so that no new users will
make use of them.
Other ideas? What's your opinion?