Insecure form for user registration

[nostneji]

I noticed that web form for non-shibboleth user registration is not protected with SSL (http://lux17.mpi.nl/ds/webannotator/registerNonShibbolethPrincipal.html). Also the field for entering password is not masked. I understand that this is probably temporary solution, but I make this comment just in case 'temporary' turns out to be 'long time used'.

[olhsha]

Thanks. Anyway, authentication seems to be underspecified within the framework in general. I have just had a discussion with colleagues on another authentication related issue.

[olhsha]

Hiding password is fixed on loclahost. Adding SSL layer is postponed till next week to the discussion with Daan, Willem, Menzo.

[olhsha]

hiding passwords is deployed on lux 16