From: Ralf S. <rs...@ru...> - 2025-08-11 08:57:20
On Sat, Aug 09, 2025 at 01:02:25AM -0400, John Rouillard via Roundup-users wrote:
>
> Consider a user changing a password. You as the admin want to make sure
> that the user is actually present and that the request isn't being made on
> an unlocked computer by some random person.
>
> One way to add an extra layer of protection on sensitive changes is
> to require the user to authorize the change by typing their password.
>
> We see this with github and other places. My POC runs like this:

[...]

> So my questions:
>
> Has anybody done something like this already?

No.

> Does this seem useful?

Yes, definitely. Although most of my trackers run authentication
against a Kerberos instance (usually active directory)

> Are there other sequences other than reauth that I should consider adding
> and maybe build this into a better framework to allow other use cases?
> (YAGNI would seem to say no but....).

Hmm, I would leave it at that for now, better to refactor later when
the need arises...

Thanks for looking into this!

Kind regards
Ralf
-- 
Dr. Ralf Schlatterbeck                  Tel:   +43/2243/26465-16
Open Source Consulting                  www:   www.runtux.com
Reichergasse 131, A-3411 Weidling       email: of...@ru...