Ver -

Help Menu: Section 3 - Security

This is the BugLite help system, a detailed table of contents is available here...
The navigation bars at the top and bottom of each screen can also assist you. more...

logout back  main admin help

Table of Contents

Expanded Contents

Detailed Content List








Information & Reports


Database Tools


Site Tools

Revision History

2011 Versions

2010 Versions

Section - 3.1 Overview

 Rev Jan 1, 2011

This section explains how the login system is designed and how it provides access to advanced features. The built in security features are supported in several ways. For example some security features are enforced through user login type, user privileges, menu access, hidden tokens or a combination of these.

To help suppress attacks, and because this document is readable by all users, only the security features necessary for administration will be discussed.(there are several other security features besides those just mentioned)

Section - 3.2 Guest Login

 Section rev Jan 1, 2011

The most basic security decision to make is whether to allow unregistered users public access. While the permissions can be customized so that no harm can be done, allowing unregistered logins does let every one read about your problems. Given your circumstances, is this a good idea?

The login setting are located at...
admin -> site menu. Notice the setting for whether the site is public?

Whether unregistered login's are allowed, is displayed as part of the login form. The message shown depends on what the admin has chosen.

If public guest logins are allowed, then the permissions are set by user #3 at...
admin -> user menu.

Section - 3.3 Auto Register

 Section rev Jan 1, 2011

The next security choice is whether to allow a user that has just registered, to immediately be able to login.

The login setting for this is located at the...
admin -> site menu.

After a new user registers, a message will be displayed that tells them whether they must wait for approval or they are allowed to immediately login.

If auto Register is allowed, the new user will be given the default permisssions set for user #2. Unless changed by the admin, the settings are as follows...

Section - 3.4 User Privleges

 Section rev Jan 1, 2011

When a new user is created or they are allowed to auto register, the default user #2 settings are used for permissions (see previous section). Listed below are considerations that should be given when assigning privileges. The obvious choices have not been included.

legal name

It is important that a legal name is provided. It would be used if an email or some other type of communication is needed.


Can this user access the admin menu? Having access to the admin\ menu provides unlimited access and edit capability.


Can this user see the statistics? On large corporate projects, it may be advisable to allow everyone to write bug reports but you may not want to let the user see the response times, types of problems, or volume of bugs.


In certain instances, you may want user sto be able to view the status of the development, but may not want them to be able to create new bug reports.


A modest set of pre-made serchs are provided. Do you want this person to create custome search criteria? Allowing custom searches will allow unlimited access to the bug history and reports.

← previous section table of contents next section →

logout back  main admin help