|
Wednesday 30 April 2008 2:22:05 pm
Hi Douglas I believe the only consistent way you will be able to achieve what you want is to modify or replace kernel/user/login.php. By replace I mean create your own in a module with a login view and override all the instances where /user/login are used in the temapltes, or maybe you can simply do an apache rewrite rule to redirect to your login. I think I've brought it up before but the user/authentication system would benefit greatly from hooks that allowed it to be extended, also a cleaner separation of the 3 A's (Authentication, Authorisation & Access*) would allow easier integration with external systems, with each phase having pre & post hooks. @Sébastien; The issue is not with users changing their details but forcing them to see (and possibly acknowledge ) a new set of terms & conditions when they login but before they have access to the system. My bank will often do this when there are changes to the system or T&C.
Cheers
Bruce
* From http://www.microsoft.com/technet/security/guidance/complianceandpolicies/compliance/rcguide/4-13-00.mspx?mfr=true
Authentication usually involves a user name and a password, but it can include additional methods to demonstrate identity, such as a smart card, retina scan, voice recognition, or fingerprints. Authorization focuses on determining if someone, after the person is identified, is permitted to access requested resources. Access is granted or denied depending on a wide variety of criteria, such as the network address of the client, the time of day, or the browser that the person uses.
My Blog: http://www.stuffandcontent.com/
Follow me on twitter: http://twitter.com/brucemorrison
Consolidated eZ Publish Feed : http://friendfeed.com/rooms/ez-publish
|