[Freeipa-devel] [PATCH] 157 Added password reset capabilities to unauthorized dialog

Endi Sukma Dewata edewata at redhat.com
Wed Jun 20 16:46:16 UTC 2012 

ACK, but feel free to make additional minor changes as suggested below 
before push.

On 6/19/2012 9:01 AM, Petr Vobornik wrote:
> In general I like simplifying the dialog so I took most of your
> suggestions and implemented them following way:
>
> Login
> -----------------------------------------------------
>
> Your session has expired. Please re-login.
>
> To login with Kerberos, please make sure you
> have valid tickets (obtainable via kinit) and
> [configured] the browser correctly.
>
> To login with username and password:
>
> Username: [edewata ]
> Password: [******** ]
>
> [Login]
>
> So I just changed the order and kept only one button. If username and
> password are filled it uses form-based auth otherwise it uses kerberos
> auth. I'm not sure if it is straightforward but it is easy to use.

The layout looks good. I think to avoid confusion the text should 
mention what needs to be done in each login option, something like this:

   To login with Kerberos, please make sure you have valid tickets
   (obtainable via kinit) and [configured] the browser correctly,
   then click Login.

   To login with username and password, enter them in the fields
   below then click Login.

Another thing, when I fill in the username a red star (required marker) 
appears next to the password field, and disappears when I remove the 
username. I don't think we need to display it because it's pretty clear 
from the text that either you don't fill in anything or you fill in both 
fields. Less surprises is better, but I'll let you decide.

> I followed all suggestion in the reset part.
>
> I have to place to the forms error box. I'm not sure about the position
> though.
>
> Updated patch attached.

I think this is fine. Another option is to show the error box between 
the fields and the buttons, this way the content don't shift too much 
when the error appears. Same thing for the login page.

In the Reset page if you click Cancel it goes back to the Login page, 
but the username & password are still showing the old values. I think 
the username_widget and password_widget should be cleared as well. What 
do you think?

One more thing, this dialog has an X button at the top right corner so 
people can close it. If it's closed it will show a blank page without a 
way to open it again. Maybe it should go to the unauthorized.html? This 
can be fixed separately.

-- 
Endi S. Dewata

More information about the Freeipa-devel mailing list