[SOLVED] "remember me" option timout

[Vimm]

Oh, I tried explaining it. But what if a user accidentally checks the box? And what if they're using a notebook? And what if they lose that notebook? And what if someone finds it? And what if they didn't log out? And what if that someone goes to our site and *gasp* reads their e-mail? It has to go!

I'm all for protecting the users from themselves but... whatever.

I had a feeling it couldn't be disabled. I tried looking for the HTML but there's no actual HTML on the login page, it's all generated with JavaScript so the actual source could be just about anywhere. I had hoped to use the timeout settings to affectively disable it but it seems they override the session timeout too. I've also played around with ZmMsg.properties and ZhMsg.properties. They're quite handy. Perhaps I could change the text to something nobody would ever want to click.

Thanks for the info, I'll send it along. If anyone does know where in the code this checkbox is at I'd appreciate a heads up.

[su_A_ve]

We just had a user that accidentaly checked the box on a public workstation...

Ideally would be to allow this depending on a subclass of service of some sort, based on IP address.

So you could identify IPs that are within the corporate environment and non-public, and allow the 'remember me', and even maybe a different time-out value.

I would have been under the impression that this feature would have been a cached username only - not both username/password...

I'll file a bugzilla for both things...

My .02..

[jholder]

Hi-
Be sure to search to see if they've already been posted to the bugzilla. If they have (or haven't) it might be useful to post the links back to BZ here.

Thanks
john

[su_A_ve]

Quote:

Originally Posted by jholder

Hi-
Be sure to search to see if they've already been posted to the bugzilla. If they have (or haven't) it might be useful to post the links back to BZ here.

Thanks
john

There's one to disable it... BUG 7958