Loading...
 
Architecture / Installation

Architecture / Installation


Re: Double log-in: Possible security threat!

posts: 1630 Canada

This is a feature or a bug depending on your use case.

Some people have several Tikis on the same server and they want the login to be shared (and to have Single Sign On). But of course, some don't want this.

The permissions come from the group membership of that username. So user "Mohamed" can be Registered on one site, and admin on another.

in tiki-admin.php?page=login, there are three cookie-related prefs:

Cookie name:
Domain:
Path:


There can also be weirdness with cache.

Please see https://dev.tiki.org/Security for tips on how to report security issues.

Thanks!

M ;-)

There are no comments at this time.

Upcoming Events

1)  18 Apr 2024 14:00 GMT-0000
Tiki Roundtable Meeting
2)  16 May 2024 14:00 GMT-0000
Tiki Roundtable Meeting
3)  20 Jun 2024 14:00 GMT-0000
Tiki Roundtable Meeting
4)  18 Jul 2024 14:00 GMT-0000
Tiki Roundtable Meeting
5)  15 Aug 2024 14:00 GMT-0000
Tiki Roundtable Meeting
6)  19 Sep 2024 14:00 GMT-0000
Tiki Roundtable Meeting
7) 
Tiki birthday
8)  17 Oct 2024 14:00 GMT-0000
Tiki Roundtable Meeting
9)  21 Nov 2024 14:00 GMT-0000
Tiki Roundtable Meeting
10)  19 Dec 2024 14:00 GMT-0000
Tiki Roundtable Meeting