[TYPO3-core] RFC #0013938: Backend session is locked to useragent

[Bjoern Pedersen]

Am 03.09.2010 09:40, schrieb Bjoern Pedersen:
> Am 03.09.2010 00:26, schrieb Marcus Krause:
>> Hi!
>>
>> Markus Klein schrieb am 09/02/2010 11:35 PM Uhr:
>>> Ok you're right!
>>> Nevertheless I suggest to introduce this additional option for BE, so one
>>> can decide wether to change this only for FE or also for BE.
>>> Therefore i moved this configuration into class beUserAuth.
>>>
>>> So please have a look at patch v4.
>>
>> Much better. However, there's a further possibility:
>> I searched for an option that allows separate configuration for FE an
>> BE. Such option is *lockIP*.
>>
>> For BE *the one and only place* where *lockIP* is set based on the
>> configuration is after the instanciation of "t3lib_beUserAuth" in
>> typo3/init.php around line 425.
>>
>> I'd let core devs decide what they believe is appropriate.
>>
>> Marcus.
> 
> That's also what my initial patch did: Introduce separate TYPO3CONFVars
> for FE and BE. Setting it in the base class still allows for the
> differentiation.
Answering to myself: It seems, also BEuser->lockIP is set too often. I
will try to create a new patch today where everthing is moved to
typo3confvars and t3lib-userauth.php.