Archives
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Summary-Talk] Identifier vs Username Passwords
User names/passwords and "Identifier for use in report URLs" have some overlapping functionality, but they primarily serve two different purposes. User names/passwords are primarily for security purposes. If you want to limit who can view a sub-report you need to give that sub-report a user name/password. Secondarily, they are also handy for redirecting people to the correct sub-report based on which name/password they entered. "Identifier for use in report URLs" allows you to give short, hopefully easy to remember, names to a sub-report. But they don't provide any security at all. If you turn off "Allow all access to sub-report list" and "Show name/password limited sub-report lists", then only the configuration name/password user can see the sub-report list. However, if you haven't assigned report name/passwords, anyone will still be able to access any sub-report if they can guess it's URL (which isn't difficult). In some situations this is sufficient security, but in most it is not. Jason Kerry wrote: > > So instead of using username > and passwords I thought I could erase them and place in identifiers to > access the reports as in http://www.domain.com:9000/~client. -- Jason@Summary.Net -- Dr. Seuss books . . . can be read and enjoyed on several levels. For example, 'One Fish Two Fish, Red Fish Blue Fish' can be deconstructed as a searing indictment of the narrow-minded binary counting system. -- Peter van der Linden, Expert C Programming, Deep C Secrets ------------- Go to <http://summary.net/list.html> to update subscription info.
|