#791: login/logout, authentication, and authorization
----------------------------------------------------------------+-----------
 Reporter:  Matthew Good <matt-good.net>                        |        Owner: 
 jonas   
     Type:  enhancement                                         |       Status: 
 reopened
 Priority:  highest                                             |    Milestone: 
 1.0     
Component:  general                                             |      Version: 
 devel   
 Severity:  major                                               |   Resolution: 
         
 Keywords:  login logout security authentication authorization  |  
----------------------------------------------------------------+-----------
Changes (by [EMAIL PROTECTED]):

  * cc:  [EMAIL PROTECTED], [EMAIL PROTECTED] =>
         [EMAIL PROTECTED], [EMAIL PROTECTED],
         [EMAIL PROTECTED]

Comment:

 I just read this thread. I was about to create a ticket on the same issue.
 But my needs were may be not exactly the same and I had in mind a slightly
 different (but probably complementary) approach.

 We have some projects either with no anonymous access at all or with
 restricted areas accessible only to (some or all) logged in users.
 Currently if a not yet logged user enter such an area it received a 'XXX
 privileges are required to perform this operation'.

 My idea was, instead of displaying the error message, if the user is not
 logged yet, to trigger a login operation (may be with an option in
 trac.ini like 'autologin' to enable this feature). This would be
 particularly nice when you are using certificates to authenticate as
 generally your certificate is already validated by http and the login
 operation doesn't need any input.

 Any comment ?

-- 
Ticket URL: <http://projects.edgewall.com/trac/ticket/791>
The Trac Project <http://trac.edgewall.com/>
_______________________________________________
Trac-Tickets mailing list
[email protected]
http://lists.edgewall.com/mailman/listinfo/trac-tickets

Reply via email to