Revision [652]
This is an old revision of UserAdministration made by BrianKoontz on 2008-02-10 12:37:09.
NOTE
This feature is available since:
WikkaWiki 1.1.6.4
WikkaWiki 1.1.6.4
User Administration
Introduction
Version 1.1.6.4 introduces a new system page, AdminUsers, accessible by system administrators to facilitate various user management tasks. This code has been extensively beta-tested in previous versions, and has been enhanced for 1.1.6.4 to include user deletions and session management.
User Account Deletion and Session Management
Users may be inactivated either individually or in bulk (such as might occur with a scripted registration attack) by using the Delete functionality. User accounts are not actually deleted (useful for later reactivation or for post-forensic analysis), but are rather marked in the database as deleted. As such, these users will not be recognized by the system, and additional attempts to re-register the same user will fail.
These are the steps that are taken by the system when a user is inactivated/deleted:
- The user's password is changed to a value that can never be matched by any password.
- The user's account is flagged as "deleted".
- The user's most recent session is immediately closed. This ensures that a user cannot continue to access the system via an existing session cookie.
Future Enhancements
- Deleted user accounts can only be restored by direct access to the wiki database. A future version of this module will permit the restoration of user access via the user administration panel.
The current User Administration module is a work in progress. While operational, several features remain to be implemented. Suggestions for improvement are always welcome.
CategoryDocumentation
CategoryEN