Munukutla,Ravishankar wrote:
**
Thanks for bringing this up. For now the issue with showing password
in the logs files is resolved in 7.5.
>>** I would think that the password/username should not be required
to fetch resources from the sharedresources directory. This looks to
be a problem in the active link 'uidemo: Hover and Tooltips';
hopefully this logic was not replicated. Imho, the pwd url parameter
should be deprecated altogether. There is no case to justify it's use
as it is insecure by nature.
The shared resources, are fetched by Mid-tier from the AR-Server, and
when asked for shared resources( used in Templates), in user tool, it
doesn't fetch it from AR server, but points to the Mid-tier URL and
renders the same in the View field.
However, there is still an open issue being worked upon, "the password
in the url parameter"
Regards,
Ravishankar
Ravishankar,
I think that the log file issue has not been resolved in any currently
available version of 7.5 (it is still there in the original release and
patch 001).
The URL with user name and password is also shown when you show the
source of any view filed that contains the content of a template.
I currently have an issue open with BMC about this which has not yet
reached any satisfactory solution. BMC support are still in their
prevarication mode and haven't agreed that there is any issue to resolve
yet.
If you know any different then perhaps you can let them know.
Thanks,
Ian
------------------------------------------------------------------------
Ian Trimnell, AR System Lead Developer (amongst other jobs),
Specialist Support & Information Team, Academic & Administrative
Computing Service
Open University, MILTON KEYNES, UK
Phone: 01908 653741 web: http://www.open.ac.uk/
The Open University is incorporated by Royal Charter (RC 000391), an
exempt charity in England & Wales and a charity registered in Scotland
(SC 038302).
_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
Platinum Sponsor:[email protected] ARSlist: "Where the Answers Are"
