dirk ooms wrote:
Hello,
we are running a web application with form based authentication. we now
have a requirement to switch between users (for subsets of users) with a
minimum of user interaction (log out and log in providing username
password is way too much work for the user). so i was
Andre,
thanks for your thoughts on this. i agree that this issue brings me to
'a loop of increasing contradictions'. it's probably good to go one
step back and explain the real-life requirement:
we have an application that is used by many small companies, each
company has its own data and can
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dirk,
On 5/23/12 7:01 PM, dirk ooms wrote:
any hint on fast-user-switching or
applications-interacting-with-container-based-authentication are
very welcome.
We use securityfilter for AAA and the user is stored in the session:
you can just
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris,
On 5/23/12 7:06 PM, chris derham wrote:
We had an app where support staff can login, and then on a special
form enter the username of the person to impersonate and their own
password (to prevent abuse), and the system then allows them to
dirk ooms wrote:
Andre,
thanks for your thoughts on this. i agree that this issue brings me to
'a loop of increasing contradictions'. it's probably good to go one
step back and explain the real-life requirement:
we have an application that is used by many small companies, each
company has its
André Warnier wrote:
dirk ooms wrote:
Andre,
thanks for your thoughts on this. i agree that this issue brings me to
'a loop of increasing contradictions'. it's probably good to go one
step back and explain the real-life requirement:
we have an application that is used by many small
Chris, Andre,
thanks for sharing your thoughts, it helped me to see things more clear.
changing a user object in the session is something i already did. the
problem with this was (and which was triggering my initial question) is
that a new user could have access rights to more functionality than
dirk ooms wrote:
Chris, Andre,
thanks for sharing your thoughts, it helped me to see things more clear.
changing a user object in the session is something i already did. the
problem with this was (and which was triggering my initial question) is
that a new user could have access rights to more
How about your barcode (or card or whatever) idea, to allow users to switch
id on-the-fly
? I am curious as to how you implement that.
after some user has logged in in a 'normal/standard' way (using e.g.
form-based, container-managed), there is a text input field in the
header of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dirk,
On 5/24/12 4:51 PM, dirk ooms wrote:
changing a user object in the session is something i already did.
I misspoke: SF stores the /user principal/ in the session. When you
change that, the identity of the current user (roles and all) changes.
Hello,
we are running a web application with form based authentication. we now
have a requirement to switch between users (for subsets of users) with a
minimum of user interaction (log out and log in providing username
password is way too much work for the user). so i was thinking of
providing
any hint on fast-user-switching or
applications-interacting-with-container-based-authentication are very
welcome.
Dirk,
We had an app where support staff can login, and then on a special form
enter the username of the person to impersonate and their own password (to
prevent abuse), and the
12 matches
Mail list logo