New login screen
We deployed a small update of BlogBuilder this morning. There is one BIG change you will notice, the new login screen.
We have a new single sign-on (SSO) system that we are starting to roll out across all of our services. Part of this is to switch all login screens from the current pop-ups and various other types to a single full screen login page.
You don't actually have to do anything differently or use a different login, it will all work as before with the exception being that you will be taken off to this full screen instead of the pop-up. As Warwick Blogs users will be the first to use this system, any feedback would be much appreciated.
Update: I should have mentioned that with this login screen, if you completely close your web browser, it will log you out. This is for security reasons so that someone else can not just come along and open up and browser and be logged in as you
Update 2: There is now a remember me checkbox that you can use to stay logged in between closes of the browser
14 Oct 2005 10:37
| 
Tags: BlogBuilder Single Sign On
| 
Comments (31)
| 
Report a problem
31 comments by 3 or more people
[Skip to the latest comment]It logs me out far too quickly
I used to be able to leave myself logged in on my home computer and thus not have to log in every time I wanted to read/write entries.
Today I have logged in 3 times in the last 25 minutes
14 Oct 2005, 12:46
Mathew Mannion
It appears that sessions are only lasting while the browser is open, which is, as Michael said, a little bit irritating…
14 Oct 2005, 13:21
I'm afraid this was a conscious decision for security reasons. The new SSO will no longer keep you logged in all day long regardless. You will need to log back in if you close your browser down. I know it is a slight irritation, but as they say…it's for your own good :)
14 Oct 2005, 13:34
Mathew Mannion
Can't I select "Unsecure home computer" mode? :(
14 Oct 2005, 13:38
How about a "Remember me" tick-box?
14 Oct 2005, 16:09
Or at least the ability to use the Password manager in Firefox/IE/Safari. Using the Engineering Undergrad website once update with this SSO will become extremely irritating quckly
14 Oct 2005, 20:03
Lee Davis
Signing you out when you close the browser is less irritating than it deciding to sign you out just before you try to submit an entry or comment. having firefox not even remember your username is highly annoying though, especially as I frequently mistype it.
15 Oct 2005, 11:17
I agree that it's annoying to be signed out every time… A remember me box would be the best answer surely?
15 Oct 2005, 19:42
Grr! can it not even remember my username? Its very annoying.
16 Oct 2005, 11:50
I agree with all these comments – a system similar to that used by Hotmail (remember username/password, username only, or nothing at all) would surely be far better.
16 Oct 2005, 21:00
Also, it seems slower, not sure if it actually is or not. Could be a perception thing, as you ahve to do more to log in (ie typing) and also the page itself changes. But it certainly seemer slower to me!
16 Oct 2005, 22:06
Hi everyone,
Thanks for all your feedback. This is just why we released the new login screen to you lot first as you're a good test group. We'll take all of your ideas into consideration, but we've got to balance the security and the usability, perhaps we have gone a bit too far away from the usability side.
17 Oct 2005, 10:16
it's a good thing in a way. having to log in every time makes the blogs slightly less attractive as a means of procastination ;)
18 Oct 2005, 00:35
"Or at least the ability to use the Password manager in Firefox/IE/Safari. Using the Engineering Undergrad website once update with this SSO will become extremely irritating quckly."
There is small javascript you can add to your favorites as a way around this, I won't post it here as it may its kinda counterproductive to what ITS are trying to do. Let me know if you want a link to it. This also works with other sites that do the same thing, and it is annoying.
18 Oct 2005, 02:04
What p***es me off is when I want to have blogs open in two windows (say I'm trackbacking another enrty and want to have it up to refer to for example, or I want to browse recent entries while I'm uploading images) I have to log in on each. Someone told me to get firefox to get around it, but I DON'T WANT TO - IE is one of my last protections from entering the ranks of the geek!
18 Oct 2005, 09:27
Just to let everyone know that there will be a new version of the login screen probably by tomorrow which will have a 'Remember me' checkbox that will keep your login alive for up to 12 hours and between closes of the browser. The code to prevent the auto-completion in the username field will also be gone.
Helen: That sounds like a messed up browser as that should definately not happen. Sounds like you should change to Firefox because your IE is broken :(
18 Oct 2005, 09:33
it's on the uni computers as wekk Keiran so it's not just my IE
18 Oct 2005, 09:48
*well
18 Oct 2005, 09:48
Ok, thanks for that Helen. We'll check it out.
18 Oct 2005, 09:49
Lee Davis
Helen, if you open the second window by right clicking on a link and select 'open in new window' it should work. If you just open a new instance of IE then it won't.
18 Oct 2005, 14:20
You hit the nail on the head Lee. The way the sessions work with IE is such that doing 'Ctrl-N' is kind of a copy of the existing instance of the browser, including all cookies, but starting a fresh one from the desktop/start menu link is a completely new version without the session cookies from your previous browser. IE, don't you love it.
18 Oct 2005, 14:27
As I'm sure people will have noticed, there is now a 'Remember me' tick box that you can use to keep yourself logged in longer. It is defaulting to off the first time you visit, but it will then remember your choice. It will now also allow browsers to autocomplete on the username field.
Enjoy.
19 Oct 2005, 10:03
Ah yes, much improved. I feel I can begin to let Single Sign-On into my life now :)
19 Oct 2005, 10:36
n00b question, but how do you make sure non-logged in users can only comment if they leave an email address?
20 Oct 2005, 21:13
Hi Nathaniel. I'm afraid you can't. The problem is that there is no point just forcing someone to put in an email address because there is no way of knowing if it is valid or fake without a more complex system of email verification. Sorry.
21 Oct 2005, 08:49
yeah true
23 Oct 2005, 00:47
Speaking of non-logged-in users, can I just check you're aware of a very minor bug on the My Comments page?
I use the "Sort by the date of the most recent comment on the entry" option, and it doesn't seem to like shuffling non-logged-in people's comments up to the top. Unfortunately, having the bug fixed would mean Mat's Tabby Callaghan post would keep coming back up to the top of my list, but that's my own fault.
I find SSO works fine – perhaps slightly more intrusive than the old pop-up, but more accessible to non-JS-enabled browsers, and I'm sure has many benefits for everyone who's still a student.
27 Oct 2005, 17:00
Thanks for pointing that out Simon, we'll look into it.
28 Oct 2005, 09:26
Any luck with finding the source of this problem? I'm still seeing it!
22 Nov 2005, 16:53
Now fixed.
23 Nov 2005, 12:26
Thanks!
27 Nov 2005, 17:51
Add a comment
You are not allowed to comment on this entry as it has restricted commenting permissions.