[sldev] Re: [VWR] Web login without llmozlib

Donovan Preston donovan at lindenlab.com
Thu Dec 20 13:22:29 PST 2007

Previous message: [sldev] Re: [VWR] Web login without llmozlib
Next message: [sldev] Re: [VWR] Web login without llmozlib
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Dec 20, 2007, at 1:05 PM, Argent Stonecutter wrote:

> On 2007-12-20, at 13:19, Donovan Preston wrote:
>>
>> Successful login, redirect to secondlife: URI.
>> Additional information required, redirect to https: URL.
>
> I thought about that, but that means that if you just got the  
> password wrong you'd have to open a browser window. I considered  
> that, too, but it's not really good user interface design. If you  
> typo the account name and password you should just get a message  
> saying the login failed so you can correct it and try again. For  
> unattended clients, too, it's useful to distinguish a bad account/ 
> password (likely a configuration error) from something that needs  
> immediate human attention.

Ok, I think the distinction should be 303 (success, proceed) and 307  
(temporary correctable failure, go to the location header to correct).

In order to be able to distinguish between what type of failure has  
occurred, I think the 307 response should have an LLSD body containing  
an error code and a human readable message. If the error code matches  
the "user entered password wrong" code, a thin ui can discover that  
info by reading the body.
>
> That doesn't mean you can't trigger a redirect if the user's tried  
> 20 different passwords in the last minute and you want to let them  
> know the account's locked out.
>
> Now I think about it, for interactive clients, the user interface  
> can handle that case. Just a slight change:
>
>>> The viewer doesn't require any new complex code. No matter what  
>>> the response is, it contains a message to display to the user. If  
>>> a web page display is required, it contains a redirect to that  
>>> page. The client can display that in llMozLib or redirect to an  
>>> external browser. It can even use the existing framework for  
>>> llLoadURL to give the user a dialog approving that redirect.
>
> The message would be displayed, and instead of using the llLoadURL  
> dialog you'd just put a "(More Information)" button next to the  
> message... clicking that would follow the redirect.

Sounds appropriate.

Donovan

Previous message: [sldev] Re: [VWR] Web login without llmozlib
Next message: [sldev] Re: [VWR] Web login without llmozlib
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the SLDev mailing list