[
http://jira.magnolia-cms.com/browse/MAGNOLIA-2397?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=20549#action_20549
]
Jan Haderka commented on MAGNOLIA-2397:
---------------------------------------
It's detailed in the linked wiki page. When playing with possibilities for
auditing while ago, I've noticed that while last login time is recorded (the
second set of log messages) it is done with anonymous user credentials. Does
that mean anybody can modify things directly in the user node? I hope not, but
this needs to be checked.
> User's own credentials not used/checked to record last access time
> ------------------------------------------------------------------
>
> Key: MAGNOLIA-2397
> URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-2397
> Project: Magnolia
> Issue Type: Bug
> Components: admininterface, core, security
> Reporter: Jan Haderka
> Assignee: Philipp Bracher
>
> can be found when detailed auditing of access is enabled. For details see
> http://wiki.magnolia.info/display/DEVINT/Audit+Trail
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
