Re: [Oscarmcmaster-users] Oscar connection problems
open source web-based Electronic Medical Record (EMR) system
Brought to you by:
davidhcchan,
jaygallagher
From: Peter Hutten-C. <phu...@gm...> - 2007-11-23 22:12:06
|
Failed login with valid credentials (yes it is a hash but mac2002 does convert to -51-282443-97-5-9410489-60-1021-45-127-12435464-32 ) makes me think that someone forgot to set the admin or doctor role to the appropriate provider (the program applies a fairly granular level of security so that you need certain roles assigned to access parts of the program. No role assigned = no program access). I have never done this from outside the program, but you should be able to suss it, all you need is the database password. For security reasons, the only place this password is visible is in the properties file, which unless you make a special install, should be only accessible from someone who has hacked the su password, so the data should be safe if someone steals the box, at least from casual theft/hacking. MySQL does not support table encryption per se beyond requiring a password (and if it did it would still require leaving a password in some property file), box wide encrytion (I suppose for speed having the kernel using a loop virtual drive to access encrytion functions) can obviously be done but I have never bothered. I too would be interested in other users ideas on this. -- Peter Hutten-Czapski Haileybury Ontario "The small town needs the best and not the worst doctor procurable, for the country doctor has only himself to rely on. He cannot in every pinch hail specialist and nurse." -Dr. Abraham Flexner 1910 "Advancement of Teaching Medical Education in the United States and Canada" |