[Koha-bugs] [Bug 30444] Enable Shibboleth option for SelfCheck modules for Koha
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Jul 25 08:55:27 CEST 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30444
--- Comment #12 from David Cook <dcook at prosentient.com.au> ---
I haven't tested this yet, but after reviewing the code... I can't wrap my head
around how this is supposed to work.
Typically, when you visit http://localhost:8080/cgi-bin/koha/sco/sco-main.pl,
the AutoSelfCheckAllowed will create an authenticated user session using
AutoSelfCheckID and AutoSelfCheckPass. Then, you either provide a cardnumber or
a username/password to move on to the actual self-checkout, but that cardnumber
or username/password doesn't create a "session".
Looking at these patches, why would an external Shibboleth login be triggered?
I see at
https://bugs.koha-community.org/bugzilla3/page.cgi?id=splinter.html&bug=30444&attachment=133615
that it says "Do Shibboleth login" but it doesn't do a Shibboleth login.
Rather, it just gets the Shibboleth details out of the environmental variables.
That assumes that you've already been redirected to a SAML IdP and been
returned back to Koha.
The only way it could work is if you logged into Koha using a SAML IdP and then
visited the self-checkout, which would bypass the AutoSelfCheckAllowed handling
because Koha privileges an existing session (supplied by CGISESSID cookie)
above all else.
But maybe I'm missing something. Could you detail the exact workflow here?
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list