[sldev] RFC: design proposal for VWR-1071

[Mike Monkowski]

Cypren Christenson wrote:
> * The use of a combo box for the first field, with selection setting
> the contents of multiple fields, may be confusing. Any other options
> here that would be more intuitive while also keeping the aesthetic
> sensibility of the existing login screen would be welcome.

How about auto completion?

> * Possible security concerns with the characters selected for the
> delimiters. With LLPanel::childSetPrevalidate to filter characters
> from input, the worst-case scenario seems to be that a malicious user
> could edit settings files and induce boost::tokenizer to fail to parse
> the string correctly. In that event, we would simply clear the
> relevant fields. Are there other concerns I'm missing?

I think the settings are FirstName and LastName.  I don't see the 
password in the settings file.  But instead of mashing everything 
together, you could create setting called FirstNameAlt1, FirstNameAlt2, 
LastNameAlt1, LastNameAlt2, ...  You'd have to make sure that you move 
the names up the list when one gets deleted, otherwise you wouldn't know 
where to stop, since I don't think the settings lookup allows a wildcard.

Mike