Mailinglist Archive: opensuse-factory (1324 mails)

< Previous Next >
Re: [opensuse-factory] opensuse.org login expiration
On 2015-10-28 18:53, Felix Miata wrote:

I wish it would reset on each load of a new URL, instead of arbitrarily
asking to login yet again after that period expires and something in an open
page is clicked on. No other bugzilla bug tracker I've ever used timeouts
before the browser session expires, if that soon. Some don't expire unless
the browser version or IP changes since login. After all, it's not a
financial institution or home for proprietary information.

Can't be done.

openSUSE uses the same identification backend for all the users and
services, not just bugzilla. Bugzilla has to query this server for
validation of the user. Some of the services require little security,
but others do.

The advantage is that it is very difficult to crack. Some openSUSE sites
have been cracked, but the password/email data they got was faked, so no
damage to anybody.

Another advantage is that you login in one of the sites, and you are
automatically recognized in the rest.

Yes, it has imperfections.

--
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 "Bottle" at Telcontar)

< Previous Next >