[
https://issues.apache.org/jira/browse/OFBIZ-11244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Olivier Heintz reopened OFBIZ-11244:
------------------------------------
In the commit, for the securityForms.xml
6 extra lines have been deleted, those concerning the submit and cancel button
{code:java}
- <field name="submitButton" title="${uiLabelMap.CommonSave}"
widget-style="smallSubmit"><submit button-type="text-link"/></field>
- <field name="cancelLink" title=" " widget-style="smallSubmit">
- <hyperlink description="${uiLabelMap.CommonCancelDone}"
target="${cancelPage}" also-hidden="false">
- <parameter param-name="partyId"/>
- </hyperlink>
- </field>
</form>
{code}
{{It's no more possible to add a user login}}
> Remove the user login security question
> ---------------------------------------
>
> Key: OFBIZ-11244
> URL: https://issues.apache.org/jira/browse/OFBIZ-11244
> Project: OFBiz
> Issue Type: Improvement
> Components: ecommerce, framework, party
> Affects Versions: Trunk
> Reporter: Jacques Le Roux
> Assignee: Michael Brohl
> Priority: Major
> Fix For: Upcoming Branch
>
> Attachments: OFBIZ-11244-framework.patch, OFBIZ-11244-plugins.patch
>
>
> After our discussion in dev ML at
> https://markmail.org/message/2dhc4al4adwgvl7z we will remove this feature.
> This [~paulfoxworthy]'s remark is notably important:
> bq. Security is only as good as its weakest link (
> https://www.schneier.com/essays/archives/2005/02/the_curse_of_the_sec.html) ,
> and security questions can be a real weakness. Any organisation using OFBiz
> that really hates passwords could look at security keys from Yubico or the
> like.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
