[Koha-bugs] [Bug 30444] Enable Shibboleth option for SelfCheck modules for Koha
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Aug 3 08:11:10 CEST 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30444
--- Comment #18 from Alex Buckley <alexbuckley at catalyst.net.nz> ---
(In reply to David Cook from comment #16)
> (In reply to Alex Buckley from comment #15)
> > Hi David,
> >
> > Thank you for your questions and my apologies for my late reply.
> >
> > The exact workflow we are wanting to follow with this patchset is:
> >
> > 1. A patron logs into the OPAC via SSO shibboleth
> >
> > 2. They visit the self-checkout page
> >
> > 3. As Koha is configured with AutoSelfCheckAllowed = allowed, and
> > AutoSelfCheckId and AutoSelfCheckPass set to a patron with 'circulate'
> > permissions that patron is used to automatically authenticate to the
> > self-checkout page
> >
> > 4. Instead of displaying a form asking for the identity (username/password
> > or cardnumber) of the patron we want to check out to, our patch skips that
> > form by identifying the person logged into the OPAC as the patron to check
> > out to
> >
> > So in short, the only difference in behaviour our patchset should have is
> > skipping the form asking for the identity of the patron we want to checkout
> > too.
> >
> > Does this help clarify the intent?
>
> Thanks, Alex. That does clarify things a bit.
>
> What happens after the user clicks "Finish" and "End session" in the
> self-checkout? Since they're still logged into the Shibboleth IdP, won't
> they get stuck in an infinite loop?
Thanks David.
Ideally, they should be redirected back to the OPAC home page. I see on stock
22.05 that if you hit 'Finish' you're redirected to the form for entering
cardnumber or username/password.
Checking a test site I have this patchset running on if I hit 'Finish' the
self-checkout page re-loads and I am still logged in - see attached screenshot.
I had a discussion with Chris and we thought it would be a good idea if I move
some of the patchset logic I have in C4/Auth->checkauth() and sco-main.pl into
a new subroutine in C4/Auth_with_shibboleth.pm. What are your thoughts on
this?
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list