Bug #3021
closedldapweb.cgi needs some usability improvements
0%
Description
The login system currently used by Metacat for the registry is ldapweb.cgi, which communicates with the LDAP server to authenticate users. There are a few issues which should be improved:
- the script references defaultHeader and defaultFooter directly, which includes the IFRAME Javascript calls. New skins such as the NCEAS skin no longer rely on the frames system, and render incorrectly.
- heavy use of tokens, should probably read config options as per Chris Barteau's work to remove tokens where possible.
- no way to redirect users once logged in to their original page of origin. This problem is scoped beyond just this script, and has been solved in a piece-meal fashion in, for example, nceas-login.xsl (javascript-based redirection).
- The 'resetpass' stage isn't useful; it contains help text for LTER scientists but is neither skin-dependent nor provides guidance for other LDAP authorities.
Updated by Shaun Walbridge over 16 years ago
parts 1 & 2 of this problem solved, part 1 in a 1.8.1 fix and part two in the 1.9 Token_Replacement branch.
Updated by ben leinfelder about 11 years ago
- Status changed from New to Rejected
Actually, login is handled by the registry, not ldapweb.cgi. Redirects would be nice, but it is possible to "trick" it using Metacat skins. The other things on this ticket have been addressed, I believe.