Security Flaw - The Sign In Agent password should be different from the Admin Module password.

kesavkolla / bodyfs

Automatically exported from code.google.com/p/bodyfs

0 stars 0 forks source link

Security Flaw - The Sign In Agent password should be different from the Admin Module password. #75

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

In fact from a security perspective, they should not be linked at all such 
that if someone knows the SIA password or has SIA session running, he could 
not get into the Admin Module.

Note that the Patient IPAD will be logged in with the SIA credential that 
machine should not have access to admin module.

For SIA, please create the following credential.

Username: patient
Password: bodyfengshui

Original issue reported on code.google.com by neelka...@gmail.com on 2 Apr 2010 at 11:35

GoogleCodeExporter commented 9 years ago

Amit can you do another check in the filter for signin url and only allow that 
particular user to access it.

Original comment by kesavko...@gmail.com on 6 Apr 2010 at 1:40

GoogleCodeExporter commented 9 years ago

fixed

Original comment by amitagra...@gmail.com on 6 Apr 2010 at 6:04

GoogleCodeExporter commented 9 years ago

Original comment by amitagra...@gmail.com on 6 Apr 2010 at 6:04

Changed state: Fixed