NewLoginNB

New login page on netbeans.org

The credentials are sent to netbeans.org as plain text over http that is insecure. That's a violation of Sun's security policies and Sun's business practices. Therefore, we must to resolve this issue and switch to https protocol for pages that have included login form. The login form is available on many pages at */community/* section. The simplest fix would be to use https for all these pages. However, some of these pages might be used in IDE and probably will not work. The second option how to resolve this issue is used the login form from junction2 that already supports https. Since this change is in workflow we need to follow HIE review.

The current state

User clicks to Login link at the community pages and the login form is expanded at the same page, see the screenshot. The user then might provide credentials and continue in browsing of pages that require login. However, there is inconsistency in login area over several web services like wiki, bugzilla, see the Finding-18 at UI review http://xdesign-tools.czech.sun.com/projects/netbeans/netbeans.org_migration_UI_review/index.html

Image:login_now_NewLoginNB.png

Proposal

The proposal is to use the central login page for all services like wiki, user&project management and bugzilla. If the user will click to Login then he will be redirected to login page (see the screenshot below) and then after successful login he will be redirected back to the original page and might continue in browsing protected pages. The main change is that we will use separate login page instead of embedded login area. The similar approach is used at the many sites on the internet like FaceBook, linked.in, .....

Image:new_login_NewLoginNB.png

Not logged in. Log in, Register

By use of this website, you agree to the NetBeans Policies and Terms of Use. © 2012, Oracle Corporation and/or its affiliates. Sponsored by Oracle logo