Steps to reproduce:
- Fresh Zabbix 6 install
- Enable LDAP auth
- Would like to disable auto-login as each login should use LDAP.
User can change their profile to enable auto-login and the auto-login tickbox is ticked by default. the risk associated with this is that an LDAP account is removed from the LDAP server, yet a user can still login for 30 days with their cookie.
When using external auth methods, no cookies should be used for subsequent sessions. Parameters like auto-login and auto-logout should be set system-wide, and not per account.