On Thu, Jul 25, 2002 at 02:38:28PM +0200, Stephan Goeldi wrote:
A problem would be: if a user has advanced rights on site A and limited rights on site B. So there must be an automatism which first checks the local acl and then the global one.
there would be no acl on the central server, only usernames + passwords acls would be local to each site.
Another one: What if I would like to register on site A but not on site B?
good question. An easy solution is : if you don't need it then don't use it. so if the user doesn't want to register on B he just has to never click on the Login link :-) Again this idea is not bullet-proof security wise but the goal is not security, it's ease of use, without compromising security too much. bye, and thanks to all for you comments Jerome Alet