<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix"><tt>Hello,</tt><tt><br>
      </tt><tt><br>
      </tt><tt>I have no answer right now for your real problem, but
        have a look to this post
        <a class="moz-txt-link-freetext" href="http://koha.1045719.n5.nabble.com/Time-for-releases-works-related-to-Drupal-gt-First-koha-restful-td5733380.html">http://koha.1045719.n5.nabble.com/Time-for-releases-works-related-to-Drupal-gt-First-koha-restful-td5733380.html</a>
        about our work on "some connector code to extend some
        functionality of our Koha instance by interacting with another
        web app we use", could be helpful.</tt><tt><br>
      </tt><tt><br>
      </tt><tt>Claire.</tt><tt><br>
      </tt><tt><br>
      </tt><tt>Le 18/02/2013 15:34, Fitzpatrick, Christopher a écrit :</tt><tt><br>
      </tt></div>
    <blockquote
cite="mid:CANzSRvY4=A5Ps5NY5fcU24Lqvko-+XzULaT4kXxj=NNdMkM=nQ@mail.gmail.com"
      type="cite">
      <div dir="ltr"><tt><br>
        </tt>
        <div style=""><tt>Hi everyone,</tt></div>
        <div style=""><tt><br>
          </tt></div>
        <div style=""><tt>I've just started working on some "connector"
            code to extend some functionality of our Koha instance by
            interacting with another web app we use. I'm wanting
            to authenticate users to their Koha accounts and it seems
            like using the ILSDI api would be the easiest way, since it
            would it would allow me to not have to make a direct DB
            connection. </tt></div>
        <div style=""><tt><br>
          </tt></div>
        <div style=""><tt>However, looking at the AuthenticatePatron
            action,  I'm not too comfortable passing username and
            password simply as clear text GET parameters, so I am trying
            to come up with some ways to avoid this, as it's not very
            secure. Limiting IP access to the </tt><tt><a
              moz-do-not-send="true" href="http://ilsdi.pl">ilsdi.pl</a></tt><tt>
            probably does not  complete resolve this issue, since the
            username and password will still be captured in the http
            logs. I am curious what are some of the security measures
            others are using when using this api? </tt></div>
        <div style=""><tt><br>
          </tt></div>
        <div style=""><tt>Thanks for any help! Very
            much appreciated...best, chris fitzpatrick </tt></div>
      </div>
      <tt><br>
      </tt>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <tt><br>
      </tt>
      <pre wrap="">_______________________________________________
Koha-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Koha-devel@lists.koha-community.org">Koha-devel@lists.koha-community.org</a>
<a class="moz-txt-link-freetext" href="http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel">http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel</a>
website : <a class="moz-txt-link-freetext" href="http://www.koha-community.org/">http://www.koha-community.org/</a>
git : <a class="moz-txt-link-freetext" href="http://git.koha-community.org/">http://git.koha-community.org/</a>
bugs : <a class="moz-txt-link-freetext" href="http://bugs.koha-community.org/">http://bugs.koha-community.org/</a></pre>
    </blockquote>
    <tt><br>
    </tt>
  </body>
</html>