[Freeipa-devel] [PATCH] 730-732 webui: Login pages usability improvements

Endi Sukma Dewata edewata at redhat.com
Tue Aug 12 20:58:02 UTC 2014 

On 8/5/2014 6:36 AM, Petr Vobornik wrote:
> [PATCH] 730 webui: display expired session notification in a more visible
>  area
>
> The notification is a primary information of the page. It should be 
> more highlighted.
>
> https://fedorahosted.org/freeipa/ticket/4470

ACK.

> [PATCH] 731  webui: improved info msgs on login/token sync/reset pwd 
> pages
>
> - add info icons to distinguish and classify the messages.
> - add info text for OTP fields
> - fix login instruction inaccuracy related to position of login button
>
> https://fedorahosted.org/freeipa/ticket/4470

Just one thing, instead of "enter them in the fields nearby" how about 
"enter them in the corresponding fields"? Otherwise it's ACKed.

> [PATCH] 732 webui: login screen - improved button switching
>
> - added cancel button to reset password view of login screen
> - re-implemented buttons hiding mechanism
> - switching between 'Reset Password' and 'Reset Password and Login' 
> according to presence of value in OTP field
>
> https://fedorahosted.org/freeipa/ticket/4470

The code seems to be fine so it's ACKed, but see comments below:

1. It looks like the OTP token needs to be synchronized before it can be 
used for the first time. Is that true for all types of tokens 
(hardware/software, TOTP/HOTP)? If possible the synchronization should 
be part of the token creation process, so the admin can provide a token 
that can be used right away, so we may need an interface in the UI to 
sync the tokens. If the sync can only be done by users themselves, there 
should be a message on the login screen for first time OTP users to 
synchronize the token first.

2. Try logging in with an incorrect password/OTP. After you get a login 
error click Sync OTP Token. Once the sync is completed it will go back 
to the login page with a "Token was synchronized" message that 
disappears in a few seconds, but the old login error still appears which 
is confusing. Error messages in the UI should only reflect the last 
executed operation.

--
Endi S. Dewata

More information about the Freeipa-devel mailing list