Item2248: If a user does not have permission to use view a web, don't use that web's SKIN setting.
Priority: Enhancement
Current State: Confirmed
Released In: n/a
Target Release: n/a
as it breaks the security principle of not revealing un-authorised facts to unauthorised users.
it should fall back on the site's skin
(ok, so this may not be desirable for sites where security isn't as major a concern, some of us have users that don't want other users to know about their confidential webs - and the skin is a bit of a giveaway)
I may make a plugin to see how this can be implemented, but more likely it'll be an extra expert cfg option for the templateLoginManager
--
SvenDowideit - 14 Oct 2009