[SAC] User info self-update
Frank Warmerdam
warmerdam at pobox.com
Sun Apr 15 01:38:02 EDT 2007
Folks,
I have written another simple python form for users to update their name,
email address and password for their OSGeo userid. It is available at:
https://www.osgeo.org/cgi-bin/auth/ldap_edit_user.py
I have also updated the http://www.osgeo.org/osgeo_userid page accordingly.
Note that we still have no mechanism for someone who has forgotten their
password to get a reminder or to reset their password. I realized that
the reminder isn't really possible since we only store the md5 checksum
for the password. We could do a reset, but it isn't obvious how we would
avoid abuse. Imagine everyone's account having the password reset by a
prankster - it could cause quite a bit of disruption!
The user creation form is also still prone to abuse.
At this point I feel we have at least a bare minimum set of services in
place for managing LDAP userids and groups with the caveat about forgotten
passwords.
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam at pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
More information about the Sac
mailing list