Project

General

Profile

Bug #6721

Updated by Reynaud Sylvain over 10 years ago

+*PRE-REQUISITE*+: we must be able to distinguish abort from failure for each authentication mode. 

 Authentication attempt is considered as *aborted* if: 
 * +X509+: usage of protocol HTTP instead of HTTPS 
 * +PASSWORD+: users clics on the button "cancel" 
 * +IP+: the the list of authenticated IP does not contain user's IP 
 * +CAS+: to be defined... 

 Authentication attempt is considered as *failed* if: 
 * +X509+: CA is unknown 
 * +PASSWORD+: unknown user or wrong password 
 * +IP+: NEVER FAILS !!! 
 * +CAS+: to be defined... 

 Authentication is considered as failed: 
 * either if *ANY* authencation attempt has failed 
 * or if *ALL* the authentication attempt have been canceled

Back