I view 
Login as A -> Login as B 
to actually be
Login as A -> Logout -> Login as B 

I think the safest thing is to switch User objects at Logout.  There
might be circumstances where you want attributes to carry over in this
situation, but it is much less likely than the case of going from
anonymous to logged in user, in the middle of a process.

john mcnally

Kurt Schrader wrote:
> 
> On Thursday, July 19, 2001, at 07:05 PM, Sean Legassick wrote:
> 
> > In message <[EMAIL PROTECTED]>, John McNally
> > <[EMAIL PROTECTED]> writes
> >> It used to be that when a User went from anonymous to logged in status,
> >> the User object did not change.  The User object only changed when a
> >> user logged out.  I think this is the proper behavior, but Rafal had
> >> security concerns; I do not recall what they were.  Copying the temp
> >> hashtable does not help in the case where a custom User is being used
> >> that is storing some attributes outside the hashtable.  But you can
> >> just say you have to write your own Login action to account for any
> >> differences.  I still like just keeping the same User.
> >
> > +1
> >
> > I think conceptually it is correct that the User object remains the
> > same, it merely acquires the property of being named not anonymous.
> >
> 
> I think the problem would be that if someone logged in and then was
> somehow able to log in again as someone else then they would acquire the
> attributes of both users.  For instance, if I'm storing a custom
> attribute outside of the hashtable and then I find a way to log in as
> someone else then the name property changes from "User A" to "User X"
> but unless you have a custom Login action to clear out the extra
> properties then User X would have the new abilities that they inherited
> from User A.  So User X now has permissions to do all of the things that
> User A can do.  The only way around this seems to me to be to clear out
> the User object with each login.
> 
> -Kurt
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]

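To make the two policies in this thread concrete, here is an added example (not Turbine's code, and not code from anyone in the thread). The `User` and `Session` classes are hypothetical stand-ins: `User` has a temp hashtable plus one field, `canApproveOrders`, deliberately stored outside the hashtable, which is the case Kurt describes. `Session.loginKeepingUser` is the "same User object, only the name changes" behaviour; `Session.loginWithFreshUser` swaps in a new `User` and copies over only an attribute explicitly allowed to survive the anonymous-to-logged-in transition (a constructed `cart` entry).

```java
import java.util.HashMap;
import java.util.Map;

// Hypothetical User: a temp hashtable plus one field stored outside it,
// matching the "custom attribute outside the hashtable" case from the thread.
class User {
    private String name = "anonymous";
    private final Map<String, Object> temp = new HashMap<>();
    private boolean canApproveOrders = false; // lives outside the hashtable

    public String getName() { return name; }
    public void setName(String name) { this.name = name; }
    public Object getTemp(String key) { return temp.get(key); }
    public void setTemp(String key, Object value) { temp.put(key, value); }
    public boolean canApproveOrders() { return canApproveOrders; }
    public void setCanApproveOrders(boolean v) { canApproveOrders = v; }
}

// Hypothetical session holder offering both login policies discussed above.
class Session {
    private User user = new User();

    public User getUser() { return user; }

    // Policy 1: keep the same User object; only the name changes.
    // Anything set on the object, inside or outside the hashtable, survives.
    public void loginKeepingUser(String name) {
        user.setName(name);
    }

    // Policy 2: replace the User object on every login and copy only the
    // attributes explicitly allowed to carry over. Fields outside the
    // hashtable cannot leak because the old object is simply dropped.
    public void loginWithFreshUser(String name) {
        User fresh = new User();
        fresh.setName(name);
        Object cart = user.getTemp("cart"); // constructed example of a harmless carry-over
        if (cart != null) {
            fresh.setTemp("cart", cart);
        }
        user = fresh;
    }
}

public class LoginPolicyDemo {
    public static void main(String[] args) {
        // Same-object policy: a permission granted while logged in as A
        // is still present after a second login as X.
        Session keep = new Session();
        keep.getUser().setTemp("cart", "3 items");
        keep.loginKeepingUser("User A");
        keep.getUser().setCanApproveOrders(true);
        keep.loginKeepingUser("User X");
        System.out.println(keep.getUser().getName()
                + " canApproveOrders=" + keep.getUser().canApproveOrders());

        // Fresh-object policy: the cart carries over, the permission does not.
        Session fresh = new Session();
        fresh.getUser().setTemp("cart", "3 items");
        fresh.loginWithFreshUser("User A");
        fresh.getUser().setCanApproveOrders(true);
        fresh.loginWithFreshUser("User X");
        System.out.println(fresh.getUser().getName()
                + " canApproveOrders=" + fresh.getUser().canApproveOrders()
                + " cart=" + fresh.getUser().getTemp("cart"));
    }
}
```

The first session prints `User X` with `canApproveOrders=true`, which is exactly the inheritance problem Kurt raises; the second prints `canApproveOrders=false` while keeping the cart. The design point is that an allow-list of carried-over attributes is the only part a site has to maintain, whereas the same-object policy requires every custom Login action to remember every field that must be cleared.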