Hi everyone,

I'm not even sure if this was (correctly) ported to Limesurvey 2, but maybe using the one time password feature might be an easy way to work around it: http://docs.limesurvey.org/tiki-index.php?page=Manage+users&no_bl=y#Use_one_time_passwords

Best regards,
Marcel Minke
(Limesurvey Head of Support)

Am 24.05.2012 03:46, schrieb Jason Cleeland:

Hi Srineth,

 

Yes, I’m sure the function is secure. The thing is that LimeSurvey keeps its own record of authenticated users, and just about every step of the way – during the admin system – it checks against that. It needs to check if the user has permissions to view or access individual surveys, it needs to know what those permissions are.

 

So it’s not just a question of “can a user log in or not”. Every new administration page checks that the user has permissions to do what they’re trying to do against the LimeSurvey user & permissions table.

 

If you thought this was something you could do simply, I’m sorry but you’ll need to develop a module for LimeSurvey that can integrate with your authentication system, and create entries and permissions in the LimeSurvey user table.

 

Jason

 

From: Srineth Priyanka [mailto:srineth.priyanka@gmail.com]
Sent: Thursday, 24 May 2012 11:44 AM
To: limesurvey-developers@lists.sourceforge.net
Subject: Re: [limesurvey-developers] Change Logging Function

 

On Thu, May 24, 2012 at 4:52 AM, Jason Cleeland <jason@cleeland.org> wrote:

Hi Srineth,

 

Sounds like you might mean the “Log in” or “Logging in” page, not the “Logging” page. Up until now I though you wanted to know how to log access.

It is log in page (Page that admin can login to the site system) .

 

I suspect you’ll have to build a little more than just something that returns a true/false at the point of logging in, since all of LimeSurvey relies on permissions and things.

It returns true/false by authenticating that user is a fedora user or not. It is a secure function.  

 

Thanks

srineth

------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ limesurvey-developers mailing list limesurvey-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/limesurvey-developers