Eric, In short you really do have to roll your own solution for this. That said I would always advocate for extending the 4D Users and Groups security rather than replacing it. I have seen both approaches over the years and IMHO there are so many advantages to using the built in model that it seems crazy to start from entirely from scratch. The effort to reproduce some built in behaviours just is not worth it.
What we do is have user and group entities held in data that we bind to the 4D users and groups paradigm. This allows you to store additional properties that can be useful in user and group management. It also allows for adding in your own additional security steps such as TFA (I have used google authenticator) but any model is possible because you have complete programmatic control over the process. Enforcing password changing and complexity also seem like relatively trivial steps to overlay on the existing base. Regards, Dougie ________________________________________________________ telekinetix Limited- J. Douglas Cryer Phone : 01234 761759 Mobile : 07973 675 218 2nd Floor Broadway House, 4-6 The Broadway, Bedford MK40 2TE Email : [email protected] Web : http://www.telekinetix.com <http://www.telekinetix.com/> ________________________________________________________ ********************************************************************** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:[email protected] **********************************************************************
