n22e113 wrote:
>>> While testing leaf v3.1.1-beta3, I am stuck at the page using firefox:
>>> http://192.168.1.210/wc-passwd.cgi
>>> Except for the "General Health" and "Active Connections" pages. Leaving
>>> both Username and Password blank and hitting the |Apply| button will only
>>> get me back to the same page? If Username=admin and Password=blank and
>>> hitting the |Apply| button, the web page will transfer data forever?
>>> Thanks!
>> It's not obvious and the information on the page is wrong: Please add a
>> password!
>> It's pretty unsecure to use webconf without password andf therefor not
>> allowed.
>>
> But from the page "Webconf authentication":
> "To completely disable authentication, leave the fields for username as well
> as password blank."
> The above is correct because Linux and open source are all about choices.
> Users in our case are only allowed to access webconf from inside our private
> LAN. Admins/Users shall all have the ability to decide what level of security
> of Webconf access for a particular installation. The information on the page
> also correctly states:
> "While it provides some protection, please note that the passwords are sent
> over the network in clear text."
That depends, I never allow http access :-) only https
If you don't like this behaviour, as you said it is open source, you can
look into
/var/webconf/lib/preamble.sh for
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
$( /var/webconf/lib/passcheck.sh )
<title>Bering LEAF Firewall</title>
<link rel="stylesheet" type="text/css" href="/webconf.css">
</head>
either remove the call to passcheck or extend it to look for a
configuration option (and if so feed back). If you want my honest
opinion... just use credentials...
:-)
Erich
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/