[TYPO3-core] RFC #0013938: Backend session is locked to useragent

[Markus Klein]

> Hi!
> 
> Markus Klein schrieb am 09/02/2010 11:35 PM Uhr:
> > Ok you're right!
> > Nevertheless I suggest to introduce this additional option for BE, so
> > one can decide wether to change this only for FE or also for BE.
> > Therefore i moved this configuration into class beUserAuth.
> >
> > So please have a look at patch v4.
> 
> Much better. However, there's a further possibility:
> I searched for an option that allows separate configuration for FE an BE.
Such
> option is *lockIP*.
> 
> For BE *the one and only place* where *lockIP* is set based on the
> configuration is after the instanciation of "t3lib_beUserAuth" in
> typo3/init.php around line 425.

But also here:
typo3\sysext\cms\tslib\index_ts.php line 285:
$BE_USER->lockIP = $TYPO3_CONF_VARS['BE']['lockIP'];

Whereas $BE_USER is an instance of t3lib_tsfeBeUserAuth, which is a subclass
of t3lib_beUserAuth.
I was running this search too, before I made. v4 :-)

That's why I did it this way. I just wanted to make sure, that all
subclasses are getting this.
And I didn't further investigate what t3lib_tsfeBeUserAuth exactly does.

> 
> I'd let core devs decide what they believe is appropriate.
> 
> Marcus.
> _______________________________________________
> Before posting to this list, please have a look to the posting rules on
the
> following websites:
> 

cheers
Markus