• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use View topic Item7848 for generic doc work for TWiki-6.1.1. Use View topic Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
Does this site look broken?. Use the LitterTray web for test cases.

As users will use that when they have forgotten their passwords. wink

Default {AuthScripts} setting lists the passwd and resetpasswd scripts as authenticated, but .htaccess boilerplate says:

# NB. The resetpasswd & passwd scripts are used to reset and change passwords.
# They do their own validation of the user and therefore
# should not use "require valid-user"

Since resetpasswd sems to be used only by BulkResetPassword, maybe passwd should by made not authenticated.

AT

passwd should never be authenticated, {AuthScripts} is wrong. I put that note in .htaccess because I knew it would tempt someone.

MC


commited svn:7121 -- SD

ItemTemplate
Summary requiring login for ResetPassword does not make sense
ReportedBy AntonioTerceiro
AppliesTo Engine
Priority Normal
CurrentState Closed
WaitingFor

Checkins 7121
Edit | Attach | Watch | Print version | History: r4 < r3 < r2 < r1 | Backlinks | Raw View |  Raw edit | More topic actions
Topic revision: r4 - 2005-10-22 - SvenDowideit
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback