Astrid Emde schrieb:
Hello Christoph,
Christoph Baudson schrieb:
In the past I have experienced a lot of trouble with demo
applications that are made public via a user like "demo" and a
similar password.
The most annoying problem is, that the account can be disabled by
trying to log in several times with a wrong password. How about this
workaround: if the login_count is set to -1 by the owner, the
login_count would never be incremented in the first place, thus never
disabling the account. This would be a quick fix.
I favorite this quite easy solution.
A more generic solution could include a new column in mb_user, with a
"public" flag. If this flag was set, you could log in no matter what
password you supplied (I think it's counter-intuitive to have a
password for a public user). Maybe Mapbender should be delivered with
a default public user, to encourage the usage.
A less significant problem is, that you do not know if there are any
"public" users in a Mapbender installation. You always have to try
"demo", "guest", "gast", "anonymous" etc. if there is no
documentation. Maybe the Mapbender server should have this as an API
function, or we could include it in the portal site.
We should think of a solution, as most installations offer this kind
of public access.
This does not sound as a good solution for me. The administrators of
mapbender should decide by themself whether they want to offer a
public user or not.
This was an additional suggestion. The main idea is to flag "public"
users by a column in the mb_user table.
We do not have to include a default public user, although in my opinion
this would be more intuitive. The problem would be updates...some
installations will already have a user with the name we would come up
with ;-)
Christoph
Best regards astrid
_______________________________________________
Mapbender_dev mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/mapbender_dev
--
_______________________________________
W h e r e G r o u p GmbH & Co. KG
Siemensstraße 8
53121 Bonn
Germany
Christoph Baudson
Anwendungsentwickler
Fon: +49 (0)228 / 90 90 38 - 15
Fax: +49 (0)228 / 90 90 38 - 11
[email protected]
www.wheregroup.com
Amtsgericht Bonn, HRA 6788
_______________________________________
Komplementärin:
WhereGroup Verwaltungs GmbH
vertreten durch:
Olaf Knopp, Peter Stamm
_______________________________________
_______________________________________________
Mapbender_dev mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/mapbender_dev
