[ https://issues.apache.org/jira/browse/OFBIZ-11244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Olivier Heintz reopened OFBIZ-11244: ------------------------------------ In the commit, for the securityForms.xml 6 extra lines have been deleted, those concerning the submit and cancel button {code:java} - <field name="submitButton" title="${uiLabelMap.CommonSave}" widget-style="smallSubmit"><submit button-type="text-link"/></field> - <field name="cancelLink" title=" " widget-style="smallSubmit"> - <hyperlink description="${uiLabelMap.CommonCancelDone}" target="${cancelPage}" also-hidden="false"> - <parameter param-name="partyId"/> - </hyperlink> - </field> </form> {code} {{It's no more possible to add a user login}} > Remove the user login security question > --------------------------------------- > > Key: OFBIZ-11244 > URL: https://issues.apache.org/jira/browse/OFBIZ-11244 > Project: OFBiz > Issue Type: Improvement > Components: ecommerce, framework, party > Affects Versions: Trunk > Reporter: Jacques Le Roux > Assignee: Michael Brohl > Priority: Major > Fix For: Upcoming Branch > > Attachments: OFBIZ-11244-framework.patch, OFBIZ-11244-plugins.patch > > > After our discussion in dev ML at > https://markmail.org/message/2dhc4al4adwgvl7z we will remove this feature. > This [~paulfoxworthy]'s remark is notably important: > bq. Security is only as good as its weakest link ( > https://www.schneier.com/essays/archives/2005/02/the_curse_of_the_sec.html) , > and security questions can be a real weakness. Any organisation using OFBiz > that really hates passwords could look at security keys from Yubico or the > like. -- This message was sent by Atlassian Jira (v8.3.4#803005)