Index: openacs-4/packages/acs-core-docs/www/security-notes.html =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/security-notes.html,v diff -u -r1.51 -r1.52 --- openacs-4/packages/acs-core-docs/www/security-notes.html 25 Apr 2018 08:38:28 -0000 1.51 +++ openacs-4/packages/acs-core-docs/www/security-notes.html 3 Sep 2024 15:37:32 -0000 1.52 @@ -1,48 +1,29 @@ -
By Richard Li
-</authorblurb> - -+
The security system was designed for security. Thus, decisions requiring trade-offs between ease-of-use and security tend to result in a system that may not be as easy to use but is more secure. -
+- - -
- If a user switches to HTTPS after logging into the system via HTTP, the user -must obtain a secure token. To insure security, the only way to +must obtain a secure token. To ensure security, the only way to obtain a secure token in the security system is to authenticate yourself via password over an HTTPS connection. Thus, users may need to log on again to a system when switching from HTTP to HTTPS. Note that logging on to a system via HTTPS gives the user both insecure and secure authentication tokens, so switching from HTTPS to HTTP does not require reauthentication. -
- -This method of authentication is important in order to establish, in as +
This method of authentication is important in order to establish, in as strong a manner as possible, the identity of the owner of the secure token. In order for the security system to offer stronger guarantees of someone who issues a secure token, the method of authentication must be as strong as the -method of transmission.
- -If a developer truly does not want such a level of protection, this system +method of transmission.
If a developer truly does not want such a level of protection, this system
can be disabled via source code modification only. This can be accomplished
by commenting out the following lines in the sec_handler
-procedure defined in security-procs.tcl
:
security-procs.tcl
:- - -- if { [ad_secure_conn_p] && ![ad_login_page] } { set s_token_cookie [ns_urldecode [ad_get_cookie "ad_secure_token"]] @@ -52,17 +33,10 @@ } } -- - -The source code must also be edited if the user login pages have been +
The source code must also be edited if the user login pages have been
moved out of an OpenACS system. This information is contained by the
-ad_login_page
procedure in security-procs.tcl
:
ad_login_page
procedure in security-procs.tcl
:- - -- ad_proc -private ad_login_page {} { Returns 1 if the page is used for logging in, 0 otherwise. @@ -77,16 +51,8 @@ return 0 } -- -+
The set of string match expressions in the procedure above should be extended
appropriately for other registration pages. This procedure does not use
ad_parameter
or regular expressions for performance reasons, as
-it is called by the request processor.
($Id$)
-
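Review bot: the first hunk removes the author blurb "By Richard Li" and nothing else in the hunk restores an equivalent attribution, so confirm the credit is still carried by the rendered page (for example in its title block) before dropping it here; the "insure" to "ensure" correction in the same hunk is correct and should stay.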
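Review bot: in the last hunk the trailing "($Id$)" CVS keyword is left in the body text after the ad_login_page explanation, so it will keep expanding into the user-facing documentation; if this revision is meant to tidy the generated HTML, decide whether that keyword belongs in visible output or should be confined to the source comment.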