-
1. Re: Bookmarkable url's
kragoth Aug 26, 2010 9:42 PM (in response to rm0han)Fix the app to work properly as a secured application.
If unauthorised people need to see some data then here are some ways that is possible. (I'm not security expert but, the whole concept of letting unauthorised ppl get into the app via a link sounds mighty dangerous).
1. Put all the pages that outside users can see in an unsecured area.
2. Instead of going to the app directly from the link you give them a report (could be html) that was generated. This would work relatively fine. (Think of a frame that makes it look like the actual app from a guest user's perspective but with the content frame having the report content)
3. You just make people log in when they click on the link and then redirect to the appropriate spot. (This is generally the accepted way of doing things).
If you go down the track of allowing unauthorised users access to the system using some magic permission hacking you are gonna end up with users that get really frustrated especially if they have more then one window open. They'll be doing supervisor work in one window, click on a link they just received and magically behind the scenes they are now just a pleb with no permissions at all. While the page pointed at by the link is loading they go back to their supervisor work and find out when they hit a button that they are no longer authorised to do they work they were doing.