Index: openacs.org-dev/packages/acs-core-docs/www/security-notes.html =================================================================== RCS file: /usr/local/cvsroot/openacs.org-dev/packages/acs-core-docs/www/security-notes.html,v diff -u -r1.1.1.1 -r1.1.1.2 --- openacs.org-dev/packages/acs-core-docs/www/security-notes.html 9 Jul 2002 17:34:57 -0000 1.1.1.1 +++ openacs.org-dev/packages/acs-core-docs/www/security-notes.html 11 Aug 2002 00:42:48 -0000 1.1.1.2 @@ -1,60 +1,29 @@ - - - -OpenACS 4 Security Notes - - - - - - - - - -
-

-OpenACS 4 Security Notes

-

-by Richard Li -

-

+OpenACS 4 Security Notes

OpenACS 4 Security Notes

+by Richard Li
+ OpenACS docs are written by the named authors, but may be edited + by OpenACS documentation staff. +

The security system was designed for security. Thus, decisions requiring trade-offs between ease-of-use and security tend to result in a system that may not be as easy to use but is more secure. -

-
-

-HTTPS and the sessions system

-

+

HTTPS and the sessions system

If a user switches to HTTPS after logging into the system via HTTP, the user -must obtain a secure token. To insure security, the only way to +must obtain a secure token. To insure security, the only way to obtain a secure token in the security system is to authenticate yourself via password over an HTTPS connection. Thus, users may need to log on again to a system when switching from HTTP to HTTPS. Note that logging on to a system via HTTPS gives the user both insecure and secure authentication tokens, so switching from HTTPS to HTTP does not require reauthentication. -

-

This method of authentication is important in order to establish, in as +

This method of authentication is important in order to establish, in as strong a manner as possible, the identity of the owner of the secure token. In order for the security system to offer stronger guarantees of someone who issues a secure token, the method of authentication must be as strong as the -method of transmission.

-

If a developer truly does not want such a level of protection, this system +method of transmission.

If a developer truly does not want such a level of protection, this system can be disabled via source code modification only. This can be accomplished by commenting out the following lines in the sec_handler -procedure defined in security-procs.tcl:

-
+procedure defined in security-procs.tcl:

 
     if { [ad_secure_conn_p] && ![ad_login_page] } {
         set s_token_cookie [ns_urldecode [ad_get_cookie "ad_secure_token"]]
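Review bot: the re-added line "+must obtain a secure token. To insure security, the only way to" still says "insure" where "ensure" is meant; since the line is rewritten in this revision anyway, correct the word in the same change. In the same hunk, the paragraph that tells developers to comment out the sec_handler block starting "if { [ad_secure_conn_p] && ![ad_login_page] } {" does not restate what is given up by doing so. Suggest one sentence noting that this removes the requirement, described two paragraphs earlier, that a secure token be obtained only by password authentication over HTTPS.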
@@ -65,11 +34,9 @@
         }
     }
 
-
-

The source code must also be edited if the user login pages have been +

The source code must also be edited if the user login pages have been moved out of an OpenACS system. This information is contained by the -ad_login_page procedure in security-procs.tcl:

-
+ad_login_page procedure in security-procs.tcl:

 
 ad_proc -private ad_login_page {} {
     
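Review bot: in the re-added paragraph, "This information is contained by the ad_login_page procedure" should read "contained in", and "moved out of an OpenACS system" leaves unclear whether the login pages moved to a different URL or to a different server. The paragraph also never says why the edit is needed. The sec_handler condition shown in the previous listing, "[ad_secure_conn_p] && ![ad_login_page]", skips its block only for pages that ad_login_page recognises, so a relocated login page that the procedure does not match falls under that check. A sentence stating this would tell the reader what breaks if the edit is skipped.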
@@ -85,38 +52,10 @@
     return 0
 }
 
-
-

+

The set of string match expressions in the procedure above should be extended appropriately for other registration pages. This procedure does not use ad_parameter or regular expressions for performance reasons, as -it is called by the request processor.

-

($Id$)

-
-
-
- - +
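Review bot: the closing paragraph says the string match expressions in ad_login_page "should be extended appropriately" but gives no guidance on how narrow the added patterns should be. Since the sec_handler condition "[ad_secure_conn_p] && ![ad_login_page]" skips its block for every URL that ad_login_page accepts, a pattern broader than the actual login and registration pages would exempt other pages from that block as well. Suggest adding a sentence that new patterns should match only the relocated login and registration URLs.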