[Fwd: Re: [Aimmath-developers] Authenticate students also with AdminPassword]
Brought to you by:
gustav_delius,
npstrick
Menu
▾
▴
[Fwd: Re: [Aimmath-developers] Authenticate students also with AdminPassword]
|
From: Manolis M. <M.M...@ed...> - 2003-09-20 04:26:50
|
-------- Original Message -------- Subject: Re: [Aimmath-developers] Authenticate students also with AdminPassword Date: Mon, 20 Oct 2003 05:20:48 +0100 From: Manolis Mavrikis <M.M...@ed...> To: gu...@ma... References: <FKE...@ma...> Gustav W Delius wrote: > In aim/Subject.mpl I have added two lines to the method AuthenticateStudent > so that it authenticates a student also if the given password is the > AdminPassword rather than the student's password. This is no security risk > because if a student know the AdminPassword it is bad news anyway. However > it makes it much easier for external programs to log in students. > > Let me know if there are any objections to this change. > I 've done the same but with a different set password just to add a layer of security (there are people sniffing http requests) Manolis |
