Joshua Thijssen wrote: > Kevin wrote: >> It looks like your patch made it into the next release of ASSP fyi. >> >> Personally i don't much like the idea of non-authenticated access to the >> analyzer, however i think being able to specify a separate password that >> can only access the analyzer would be beneficial. >> >> I'll see about tackling that once I'm done with my current "project" in >> ASSP if no one else does. > > What you can do is create a separate webport, together with password and > IP authentication. Although this is the most flexible, it would mean > having a duplicate set of most of the web functionality. That's what I > currently did (but stripped away the password authentication part). > > Secondly,mja a redesign of the current functionality to account for 2 > different authentication-sets. This would make the web functions a bit > more complex, but saves you the trouble of having a lot of redundant code.
It's easier to just check the password and show either the admin gui or the analyzer page only, based on the login. It's already it's own page so it just needs a IF(is not admin) check to hide the menu and another to deny access to the other pages. That's simplified a bit but the concept is there. People have requested real ACL for a while now so it might be time to start looking into that....but thats a few steps away. Kevin ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
