[geeklog-devel] 'Fallback to local login' and 'no service selector' options
mjervis at gmail.com
Fri Mar 7 03:41:39 EST 2008
> I see your point (I can actually think of quite a few people at work
> who, when asked to "login in with your LDAP password" would respond with
> a blank stare). However, does it really require that much effort to
> modify the login form? I would assume you're going to modify the theme
> anyway, so it would only require one more modifcation.
Well I'd have it (at work) labelled "Login with your standard [company] login"
> Again, I can see the point but it's a very specialised option. Plus, the
> thought of testing two accounts with one login attempt makes me nervous
> from a security point of view. It should probably count the failed login
> attempt nonetheless.
Technically, once you've logged in once with a remote account, the
account auth details are cached and it's only on a failure to validate
against gl_users.remoteusername and gl_users.password that we fail
over to LDAP anyway.
More information about the geeklog-devel