Currently, ADMIRAL (and Databank) use standard HTTP authentication. This
presents us with a number of problems: cf. issue 15, issue 37.
We should review the whole web interface structure, and (for example) consider
using a web application framework for ADMIRAL that establishes a user session
(e.g. via cookies) rather than simply relying upon HTTP authorization headers
from the browser.
The goals would be to adopt a mechanism that could support some kind of logout
from ADMIRAL, and also to avoid the confusion of asking the user for databank
credentials via the HTTP authentication popups. One approach might be an
ADMIRAL session that maintains additional information while it is active.
Original issue reported on code.google.com by bhavana....@gmail.com on 31 Mar 2011 at 9:43
Original issue reported on code.google.com by
bhavana....@gmail.com
on 31 Mar 2011 at 9:43