[Bug 28093] New: Additional configuration option(s) for Shibboleth-only mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093 Bug ID: 28093 Summary: Additional configuration option(s) for Shibboleth-only mode Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Authentication Assignee: koha-bugs@lists.koha-community.org Reporter: Boze.1@nd.edu QA Contact: testopia@bugs.koha-community.org CC: dpavlin@rot13.org Regarding bug 18506 , in the staff client with Shibboleth Only Mode enabled, when one logs out, the user is immediately logged back in to the staff client. I understand that this is the intended behavior and could be solved by using Single LogOut (SLO). SLO, however, would log the user out of all current Shibboleth sessions, which would not be desirable (for us). In addition, if the user is already logged in to Shibboleth, when visiting the staff client for the first time, the user is automatically logged in without seeing a login page. We would find it preferable if there were an option for Shibboleth-only mode (in the staff client) to have a landing page that would prompt the user to log in (whether or not the user had already authenticated). If the user was already authenticated, the user would simply be passed on to the staff client without needing to provide credentials. On logout, the user would return to the landing page but not be logged out of Shibboleth. Another alternative could be to have a new option that would disable local logins (except for self checkout) if some other authentication method (CAS, Shibboleth) has been activated. Basically this would look the same as the current login page, but with no option for local login. On logout, the user would be returned to the login page. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093 Fridolin Somers <fridolin.somers@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fridolin.somers@biblibre.co | |m See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=18506 -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcook@prosentient.com.au --- Comment #1 from David Cook <dcook@prosentient.com.au> --- Sounds reasonable to me. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.renvoize@ptfs-europe | |.com --- Comment #2 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Nice idea.. I think it makes a lot of sense to allow disabling of the local login type as an option. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|koha-bugs@lists.koha-commun |martin.renvoize@ptfs-europe |ity.org |.com -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Change sponsored?|--- |Seeking sponsor -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nick@bywatersolutions.com --- Comment #3 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- *** Bug 22842 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=33614 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093 --- Comment #4 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- I was looking into making the bug description a bit more specific, but now I am not sure if this shouldn't be separate bugs: * Add a landing page for Shibboleth/external auth that the user is redirected to * when being automatically logged in * when logging out I wonder if the first could be annoying or if we should still provide way to get to the URL that was originally requested somehow. * Deactivate local login if external auth is activated. It looks like we already have this for Shibboleth with OPACShibOnly/staffShibOnly? So would this be for extending this beyond Shibboleth? -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org