Has anyone ever created a method to restrict access for users by IP? It has never made me comfortable that superuser access is possible from anywhere. I can mitigate the risk with tools like Fail2Ban, but I'd just as soon lock the interface down so they can't login at all except from trusted sources. Reviewing RT 4.0 code, seems like the best method to override would be RT::User::HasPassword since it is short and least likely to be changed version to version. Hoping someone else has already done this or similar and has some advice to share. Otherwise, I shall just plow ahead and post my solution on the wiki!
Thanks, Mark -- Mark D. Nagel, CCIE #3177 <mna...@willingminds.com> Principal Consultant, Willing Minds LLC (http://www.willingminds.com) cell: 949-279-5817, desk: 714-495-4001, fax: 714-646-8277 ** For faster support response time, please ** email supp...@willingminds.com or call 714-495-4000 -------- RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 & 6, 2012
