Details
-
Type:
Incident report
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 1.6
-
Fix Version/s: 1.6
-
Component/s: Frontend (F)
-
Labels:None
-
Environment:1.6 branch, revision 6326
Description
user can lock himself out by setting autologout to a very short period.
to verify, set autologout in the profile to 1 second. it is not possible to log in & change this anymore.
simple solution could be to introduce a minimal required autologin period, though this should take into account usage over slow (think gprs) connections.
something like 30-60 seconds could work as the minimal required value.