Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Item12180: Make authentication prompts (more) consistent.
git-svn-id: http://svn.foswiki.org/trunk@16044 0b4bb1d4-4e5a-0410-9cc4-b2b747904278
TimotheLitt authored and TimotheLitt committed Nov 16, 2012
1 parent c4d304d, commit 51d48e3
Showing 7 changed files with 109 additions and 34 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,33 +1,43 @@ | ||
<#-- Template used for main screen login --> | ||
|
||
<h1>Please login</h1> | ||
<#if passwordProblem == 0> | ||
<h1>Please login</h1> | ||
|
||
<div class='foswikiFormSteps'> | ||
<div class='foswikiFormStep'> | ||
<#if displayStatus == 0> | ||
<div class='foswikiFormSteps'> | ||
<div class='foswikiFormStep'> | ||
<h2>In order to proceed, Configure requires that you type your password.</h2> | ||
<#assign loginButtonLabel>Enter Password</#assign> | ||
</#if> | ||
<#if displayStatus == 8><#assign loginButtonLabel>Enter Configure</#assign></#if> | ||
|
||
${loginButton} | ||
${loginFeedback} | ||
</div> | ||
<hr /> | ||
<#if displayStatus == 0> | ||
<div class='foswikiHelp'>Password forgotten? To reset your password, log in to the server and delete the <code>$Foswiki::cfg{Password} = '...';</code> line from <code>lib/LocalSite.cfg</code>. Then reload this page and create a new password.</div> | ||
</#if> | ||
<#if displayStatus == 8> | ||
<div class='foswikiHelp'>No password is set. You should set a password to protect your configuration as soon as you log in. | ||
<div class='foswikiHelp'>Password forgotten? To reset your password, log in to the server and delete the <code>$Foswiki::cfg{Password} = '...';</code> line from <code>lib/LocalSite.cfg</code>. Then reload this page and create a new password. | ||
</div> | ||
</div> | ||
<#else> | ||
<h1>Security notice</h1> | ||
|
||
<div class='foswikiHelp'>You are not using browser (webserver) authentication to access configure, and you have not set a configure password. To protect your wiki, we <strong>strongly</strong> recommend that you use at least one of these methods to secure your site. | ||
<p> As a first step, you should set a configure password with the <strong>Change password</strong> button on the configure task ba as soon as you login. You can remove it if you implement webserver authentication later. | ||
</div> | ||
<hr /> | ||
<div class='foswikiNotification foswikiAlert'> | ||
<h3 style="margin-top:0;">Security tips</h3> | ||
You can use a configure password as well as webserver authentication to protect configure, or either alone. | ||
<p>The configure password mechanism is provided as a component of your overall security strategy, and to assist you during initial setup of your wiki. You should consider whether it is right for your site. <p>Other components, including physical security of your system and webserver authentication can provide per-user control and accountability and more convenience. For example, X.509 webserver authentication may eliminate the need for a password, while identifying each administrator automatically. Any webserver-based authentication mechanism allows configure to log changes by username for audit and/or troubleshooting. | ||
<p>We recommend that you use the stongest feasible method to protect your site: | ||
<ol> | ||
<li>Always use a strong password that can't be guessed easily.</li> | ||
<li>Always configure the web server so that Configure is only accessible to the people who should use it.</li> | ||
<li>If you are running Foswiki on a public website, you can totally disable saving from Configure by making <code>lib/LocalSite.cfg</code> read-only once you are happy with your configuration.</li> | ||
<li>Change your password frequently and do not share it</li> | ||
<li> Consult documentation (or a security expert) to decide what is best for you.</li> | ||
<li>If you are running Foswiki on a public website, you can totally disable saving from Configure by making <code>lib/LocalSite.cfg</code> read-only once you are happy with your configuration. However, this will make keeping your configuration up-to-date less convenient.</li> | ||
</ol> | ||
</div> | ||
<hr /> | ||
<#assign loginButtonLabel>Enter Configure</#assign> | ||
${loginButton} | ||
${loginFeedback} | ||
</#if> | ||
</div> | ||
</div> | ||
<div style="display:none" id="{ConfigureGUI}{Unsaved}status"></div> |
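Review bot: The user-facing text in the Security notice branch has typos that should be fixed before merge: "task ba" should read "task bar", "stongest" should read "strongest", and "as soon as you login" should use the verb form "log in". The <p> elements in that branch are opened but never closed, including two on one line inside the foswikiNotification foswikiAlert div; closing each one keeps the markup well-formed ahead of the <ol>. It is also worth a sentence in the template comment that the <#else> branch still renders ${loginButton} labelled "Enter Configure" under the condition the notice itself describes (no webserver authentication and no configure password), so the notice is advisory only and protection depends on the administrator acting on it.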