Committed at revision: 1328122
Jacques
From: "Jacques Le Roux" <jacques.le.r...@les7arts.com>
Nope, I'd not have raised a warning else ;o)
The user must read it at the end, it's the body part of the email in the service result
Jacques
From: "Adrian Crum" <adrian.c...@sandglass-software.com>
Is the logged password encrypted? If yes, then I don't see a problem
with it.
-Adrian
On 4/7/2012 10:39 AM, Jacques Le Roux wrote:
Hi,
I followed Scott's suggestion and added a generic EMAIL_PASSWORD
EmailTemplateSetting (used to send a new password at user request).
I finally kept also the previous way (in r1307895) because it allows
an easier 18n of the email subject.
Something is worrying me a bit. Since the service takes more than
50/200 ms, ServiceDispatcher.java (just above line 600) shows the
password in console and logs. To prevent this by and large, I'd like
to add a hideResult attribute to service defintion. It would be
false by default and used in ServiceDispatcher.runAsync()
An alternative would be to use runSyncIgnore to call
sendMailFromScreen service in LoginEvents.java. But I think it's a
more general
issue...
What do you think?
Jacques
From: "Jacques Le Roux" <jacques.le.r...@les7arts.com>
Thanks Scott,
This sounds like a plan. I will try to apply it...
Jacques
From: "Scott Gray" <scott.g...@hotwaxmedia.com>
Hi Jacques,
I think the better approach would have been to fall back to the
EmailTemplateSetting (after adding a demo record for it) and
failing if it isn't present (along with removing that default screen
reference altogether). The reason for this is simplicity,
we give the user one path through the system:
- Define a forgot password template for the entire system in
EmailTemplateSetting
- If you want ones for specific product stores then define them in
ProductStoreEmailSetting
Regards
Scott
On 3/04/2012, at 10:13 PM, Jacques Le Roux wrote:
Do you agree with r1307895 and to backport it to releases?
http://svn.apache.org/viewvc?rev=1307895&view=rev
Jacques
