[Bug 8446] New: Shibboleth authentication patch
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Priority: P5 - low Change sponsored?: --- Bug ID: 8446 CC: dpavlin@rot13.org Assignee: gmcharlt@gmail.com Summary: Shibboleth authentication patch Severity: enhancement Classification: Unclassified OS: All Reporter: francart@gmail.com Hardware: All Status: NEW Version: rel_3_8 Component: Authentication Product: Koha Created attachment 10841 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=10841&action=edit Shibboleth patch for Auth.pm on Koha 3.8 I wrote rudimentary Shibboleth login support for Koha. It's quite specific to our university and Koha setup, but should be easy to modify. I hope someone finds it useful. The attached patch can be applied to lib/C4/Auth.pm of Koha 3.8.2 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |tomascohen@gmail.com -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #1 from Tomás Cohen Arazi <tomascohen@gmail.com> --- What do u think the workflow for Shibboleth integration should be? It looks you are assuming the user has logued in in another tab in the browser. Maybe it should be better integrated. Also, how does a shibboleth user relates to a koha user? (has your Shibboleth implementation direct access to the Koha DB?) I'd like to have this integration too, ence the questions. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #2 from Tom Francart <francart@gmail.com> --- (In reply to comment #1)
What do u think the workflow for Shibboleth integration should be? It looks you are assuming the user has logued in in another tab in the browser.
I'm using .htaccess files, e.g.: AuthType shibboleth ShibRequireSession On require KULouNumber 50000672
Maybe it should be better integrated. Also, how does a shibboleth user relates to a koha user? (has your Shibboleth implementation direct access to the Koha DB?)
A new Koha user is added when the shibboleth user is not found in the Koha database (see patch) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Matthias Meusburger <matthias.meusburger@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |matthias.meusburger@biblibr | |e.com --- Comment #3 from Matthias Meusburger <matthias.meusburger@biblibre.com> --- Hi, we also made a Shibboleth implementation for koha, you can have a look at it here: http://git.biblibre.com/?p=koha;a=commit;h=b5257f7235a7cbad396d1a4036101ba6a... Our implementation may be more generic in that: - you can enable/disable Shibboleth authentication. - you can choose which shibboleth attribute will match the koha login, with a syspref. - Shibboleth authentication is shown at OPAC when enabled, so users can connect through Shibboleth directly from Koha. On the other hand, your implementation creates users when they don't exist in koha, and our does not. Our implementation also do not use other Shibboleth attributes than the one used for authentication. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.renvoize@ptfs-europe | |.com --- Comment #4 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- I'm interested in testing either/both of these patches, and have grabbed a copy of Matthias's code for a start and rebased it onto 3.12 (I don't think it would be too difficult to rebase onto master, but 3.12 was what I had to hand). Could one of your put up a test plan please, including any apache steps you've undertaken? Cheers -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Pete <pgsengstock@wisc.edu> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |pgsengstock@wisc.edu --- Comment #5 from Pete <pgsengstock@wisc.edu> --- Martin, have you made any headway on shib in 3.12? We're also hoping to get this running. Thanks! -Pete (In reply to Martin Renvoize from comment #4)
I'm interested in testing either/both of these patches, and have grabbed a copy of Matthias's code for a start and rebased it onto 3.12 (I don't think it would be too difficult to rebase onto master, but 3.12 was what I had to hand).
Could one of your put up a test plan please, including any apache steps you've undertaken?
Cheers
-- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #6 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Hi Pete, You have good timing, I've made lots of headway and am hoping to submit the patches soon. I've based my work mostly upon the work done by Matthias linked to above, with a few additions inspired by Tom's work. The biggest barrier to entry on this is understanding how shibboleth all fits together and how to test it so I'm currently writing a test plan with such instructions. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |katrin.fischer@bsz-bw.de -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #7 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- OK.. as an update from kohacon13 hackfest. My aim is to rebase Matthias's git branch to apply to master and post his work up as a squashed patch that I'll have signed off. I'll then add a full testplan (including a guide to the difficult bit of setting up the shibboleth apache modules and shibd deamon and metadata exchange) Hopefully, I'll then be able to poke a few people into testing against our test shibboleth IdP to add additional signoffs... Watch this space. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #10841|0 |1 is obsolete| | Status|NEW |Needs Signoff Assignee|gmcharlt@gmail.com |martin.renvoize@ptfs-europe | |.com --- Comment #8 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 22098 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=22098&action=edit Matthias's work, rebased on master OK.. Step one, I've rebased Matthias's work upon master and squashed it into one patch. This patch impliments authentication only (i.e no update/additions of user data).. that will hopefully be in a followup patch on another bug by either myself or Jesse W (of Bywater Solutions). Test plan, and my initial signoff to follow. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #9 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- The promised test plan... First up, you'll need to install some additional debian packages: 1. Install shibboleth deamon and apache shibboleth module (Testing upon Debian 7.1 is best, as packages are updated and simpler to configure) sudo apt-get install libapache2-mod-shib2 libshibsp5:amd64 shibboleth-sp2-schemas 2. Configure shibboleth 'party of trust' arrangement (i.e. trade metadata keys with your IdP.. see next comment for details) 3. Configure shibboleth attribute mapping (see next comment for further details) 4. Configure OPAC Virtualhost to enable shibboleth authentication (add the foloowing to your virtualhost) <Location /> AuthType shibboleth Require shibboleth </Location> Note: The above will enable shibboleth authentication with a fallback to local (or CAS, or LDAP, or Persona).. you can adapt this to enable Shibboleth only if you like 5. You should have some now options in the staff client under 'Administration > System Preferences > Shibboleth Authentication'. Enable 'Shibboleth Authentication' and set the 'login attribute' to match what you setup in step 3. 6. Test login in the OPAC. You should either be logged in directly (if you are already logged into your IdP by some other means) or when clicking 'Login' you should see the option to login via Shibboleth which will redirect you to your IdP for authentication. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #10 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- So.... the most complicated bit of all this (as you may have guessed) is actually in steps 2. and 3. above! Step 2 - Configuring Shibboleth party of trust. Shibboleth config files should be located at: /etc/shibboleth The important files are: shibboleth2.xml - The main config file attribute-map.xml - The attribute mapping file You will also want to create a directory to keep IdP metadata backups within: mkdir /var/cache/shibboleth/metadata/ chown -r _shibd:_shibd /var/shibboleth/metadata Let's configure some things: 1. First up, we need to setup the SP (Service Provider) identity. In the shibboleth2.xml file you should find a line similar to: <ApplicationDefaults entityID="https://kohaopac.mytestserver.com" Modify this so that the 'entityID' matches your OPAC URL. 2. Next, we need to tell the shibboleth daemon where the IdP (identity provider) is. In the shibboleth2.xml file you should find a block similar to: <SSO entityID="http://sso.testidentityprovider.com/auth/metadata"> SAML2 SAML1 </SSO> Modify this so that the entityID matches the IdP's sign in URL. 3. Finally, you'll need to tell the daemon where to fetch the IdP's metadata from and set a backup path: In the shibboleth2.xml file you should find a block similar to: <MetadataProvider type="XML" uri="https://sso.testidentityprovider.com/auth/metadata" backingFilePath="/var/cache/shibboleth/metadata/testidp-metadata.xml" reloadInterval="7200" > </MetadataProvider> Modify this so that the uri matches the IdP's public metadata page, and point the backingFilePath to the directory we created. 4. The config is now done... but you should create some keys to work with your shibboleth SP: sudo openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout server.key -out server.crt Your key and certicate names will obviously need to match those in the shibboleth2.xml config file. 5. Restart the shibd daemon: sudo /etc/init.d/shibd restart 6. We're about ready to swap Matadata: Tell you're IdP provider that your Metadata is available at: https://youropacurl.com/Shibboleth.sso/Metadata -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #22098|0 |1 is obsolete| | --- Comment #11 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 22107 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=22107&action=edit Matthias's work, rebased upon master Sign off - Tested as in above test plan and in live use at 2 Sites so far. I would imagine it best to have at least one further signoff given the complexity of shibboleth. I am more than happy to be of assistance to anyone wishing to test this bug, and can offer the use of a test IdP should it be required as I found I had to set one up to get my head around this patch. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #12 from Matthias Meusburger <matthias.meusburger@biblibre.com> --- Hello, Thanks Matin, for rebasing my patch, and providing a test plan :) One thing though, using $ENV{'SERVER_NAME'} is not such a good idea imho, because it won't work if koha is behind a reverse proxy. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #13 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Hmm, I hadn't thought of the reverse proxy case.. have you run up against this problem? I assume using the OPACBaseURL syspref instead is a better approach? -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Zeno Tajoli <z.tajoli@cineca.it> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |z.tajoli@cineca.it Version|3.8 |master -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #22107|0 |1 is obsolete| | --- Comment #14 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 22860 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=22860&action=edit MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #15 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- As suggested by Matthias I have updated the patch to use C4::Context->preference('OPACBaseURL') in place of $ENV{SERVER_NAME} within the Auth_with_Shibboleth script. This seems to work in my testing, though I didn't know how to reproduce the issue Matthias highlights so couldn't test that it actually fixes the issue. Setting back to 'Needs Signoff' -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Frédéric Demians <frederic@tamil.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |frederic@tamil.fr -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #16 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 23224 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=23224&action=edit Bug 8446: Ensure user is returned to requested page after auth Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. (think clicking a link to opac-detail.pl?biblionumber=12345) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #22860|0 |1 is obsolete| | --- Comment #17 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 23225 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=23225&action=edit MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #23224|0 |1 is obsolete| | --- Comment #18 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 23226 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=23226&action=edit BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #19 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Re-based upon master and re-squashed the commits to better reflect their authors. First patch is all Matthias's work, and second patch are my two follow up fixes to that work. Hope we can find someone to test this, I'd love to see it in community. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #23225|0 |1 is obsolete| | --- Comment #20 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 25765 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=25765&action=edit MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #23226|0 |1 is obsolete| | --- Comment #21 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 25766 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=25766&action=edit BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #22 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Rebased upon master and added a follow-up to remove unused imports from Auth_with_shibboleth.pm -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Jesse Weaver <jweaver@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #25765|0 |1 is obsolete| | --- Comment #23 from Jesse Weaver <jweaver@bywatersolutions.com> --- Created attachment 26176 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26176&action=edit MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> http://bugs.koha-community.org/show_bug.cgi?id=8446 Signed-off-by: Jesse Weaver <pianohacker@gmail.com> (ByWater employee.) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Jesse Weaver <jweaver@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #25766|0 |1 is obsolete| | --- Comment #24 from Jesse Weaver <jweaver@bywatersolutions.com> --- Created attachment 26177 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26177&action=edit BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #25 from Jesse Weaver <jweaver@bywatersolutions.com> --- Created attachment 26178 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26178&action=edit Bug 8446 - Followup: Remove unnecessary sysprefs, move to config -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26178|0 |1 is obsolete| | --- Comment #26 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 26187 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26187&action=edit [SIGNED OFF] Bug 8446 - Followup: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #27 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Cheers Jesse, All sensible changes and some neatening of the code. This is deffinitely somthing that should be based in config as apposed to sysprefs so very happy you've implimented that. Lets hope we can get QA on this now ;) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26176|0 |1 is obsolete| | --- Comment #28 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 26749 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26749&action=edit [SIGNED OFF] MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> http://bugs.koha-community.org/show_bug.cgi?id=8446 Signed-off-by: Jesse Weaver <pianohacker@gmail.com> (ByWater employee.) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26177|0 |1 is obsolete| | --- Comment #29 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 26750 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26750&action=edit [SIGNED OFF] BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26187|0 |1 is obsolete| | --- Comment #30 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 26751 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26751&action=edit [SIGNED OFF] BUG8446, Follow up: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #31 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 26752 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26752&action=edit BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implimented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #32 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Some follow-up work to allow better error handling when a shibboleth session exists but does not match a koha user, and allow for shibboleth login from the front page in bootstrap should you not already be logged in. I've also added the beginnings of a perldoc to the Auth_with_shibboleth.pm module to guide configuration. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26752|0 |1 is obsolete| | --- Comment #33 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 26760 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26760&action=edit BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implimented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #34 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- I have a work in progress branch for all things shib related available at: https://github.com/PTFS-Europe/koha/tree/bug_8466-shibboleth I intend so add some new bugs in the coming days to enhance upon this base. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #35 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 26761 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26761&action=edit BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #36 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 26762 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=26762&action=edit BUG8446, Follow up: Correct paths after file rename -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |12026 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |12027 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 mathieu saby <mathsabypro@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mathsabypro@gmail.com -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcook@prosentient.com.au --- Comment #37 from David Cook <dcook@prosentient.com.au> --- Really interested by this one, but don't think I have any way of testing it... -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #38 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- I can walk you through testing if your willing... There an open IdP, https://openidp.feide.no/, in germany that allows registering of accounts for testing service providers. It'll give you a login to koha via your google identity through feide's idp service. Shout on IRC if you want some guidance on how to work through it, but we're now at a point where most of it is documented and feide provide the ability to test, and I'd love to get someone's opinion on what doc I've written so far. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #39 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28892 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28892&action=edit MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> http://bugs.koha-community.org/show_bug.cgi?id=8446 Signed-off-by: Jesse Weaver <pianohacker@gmail.com> (ByWater employee.) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #40 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28893 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28893&action=edit BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #41 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28894 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28894&action=edit BUG8446, Follow up: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26760|0 |1 is obsolete| | --- Comment #42 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28895 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28895&action=edit BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implimented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26761|0 |1 is obsolete| | --- Comment #43 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28896 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28896&action=edit BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26762|0 |1 is obsolete| | --- Comment #44 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28897 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28897&action=edit BUG8446, Follow up: Correct paths after file rename -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26749|0 |1 is obsolete| | --- Comment #45 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28898 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28898&action=edit [SIGNED OFF] MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> http://bugs.koha-community.org/show_bug.cgi?id=8446 Signed-off-by: Jesse Weaver <pianohacker@gmail.com> (ByWater employee.) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26750|0 |1 is obsolete| | --- Comment #46 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28899 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28899&action=edit [SIGNED OFF] BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #26751|0 |1 is obsolete| | --- Comment #47 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28900 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28900&action=edit [SIGNED OFF] BUG8446, Follow up: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28895|0 |1 is obsolete| | --- Comment #48 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28901 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28901&action=edit BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implimented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28896|0 |1 is obsolete| | --- Comment #49 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28902 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28902&action=edit BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28897|0 |1 is obsolete| | --- Comment #50 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 28903 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=28903&action=edit BUG8446, Follow up: Correct paths after file rename -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28892|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28893|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28894|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |http://bugs.koha-community. | |org/bugzilla3/show_bug.cgi? | |id=12547 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28898|0 |1 is obsolete| | --- Comment #51 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30017 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30017&action=edit MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> http://bugs.koha-community.org/show_bug.cgi?id=8446 Signed-off-by: Jesse Weaver <pianohacker@gmail.com> (ByWater employee.) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28899|0 |1 is obsolete| | --- Comment #52 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30018 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30018&action=edit BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28900|0 |1 is obsolete| | --- Comment #53 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30019 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30019&action=edit BUG8446, Follow up: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28901|0 |1 is obsolete| | --- Comment #54 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30020 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30020&action=edit BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implimented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28902|0 |1 is obsolete| | --- Comment #55 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30021 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30021&action=edit BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #28903|0 |1 is obsolete| | --- Comment #56 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30022 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30022&action=edit BUG8446, Follow up: Correct paths after file rename -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #57 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30023 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30023&action=edit BUG8446, Follow up: Implimented single sign out - This followup rebases the code against 3.16+ which managed to break some of the original logic. - As a side effect of the rebasing, we've also implimented the single sign out element. Upon logout, koha will request that the shibboleth session is destroyed, and then clear the local koha session upon return to koha. Due to the nature of shibboleth however, you will only truly be signed out of the IdP if they properly support Single Sign Out (which many do not). As a consequence, although you may appear to be logged out in koha, you might find that upon clicking 'login' the IdP does NOT request your login details again, but instead logs you silently back into your koha session. This is NOT a koha bug, but a shibboleth implimentation issue that is well known. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #58 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- As discussed with Thomas and Katrin I've now tracking this patch set in my public github repository and keeping it rebased appropriately. The latest version of the patch will laways be available at: https://github.com/mrenvoize/Koha/tree/bug_8446 This is basically to make it easier to apply, as not wanting to loose attribution means that squashing the patches to prevent merge conflicts with updatedatabase would be 'bad'. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #59 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Finally got this working with Martin's help! Woohooo! Some first remarks: - The link to log in with Shibboleth seems to only appear on the start page, but not for example on the result list. - It would be nice if Shib login also directed you to the patron account, like the normal login does. But maybe it's safer to always redirect to the place the user started from - in case someone logged in to place a hold or similar. Tested ok: >From start page: - OK Shib login with correct username/password - OK Shib logout with correct username/password - OK Koha login - OK Koha logout -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #60 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30030 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30030&action=edit BUG8446, Follow up: Fixed bootstrap login via modal - The bootstrap theme enable login from any opac page via modal. To enable this with shibboleth we had to make some template parameters globally accessible when shibboleth is enabled. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #61 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30031 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30031&action=edit BUG8446, Follow up: Add template rules for Shibboleth and CAS - Add template ruels so that CAS and Shibboleth can coexist. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #62 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Two QA followups -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #63 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30033 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30033&action=edit BUG8446, Follow up: Added default config to config file -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30017|0 |1 is obsolete| | --- Comment #64 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30283 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30283&action=edit MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> http://bugs.koha-community.org/show_bug.cgi?id=8446 Signed-off-by: Jesse Weaver <pianohacker@gmail.com> (ByWater employee.) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30018|0 |1 is obsolete| | --- Comment #65 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30284 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30284&action=edit BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30019|0 |1 is obsolete| | --- Comment #66 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30285 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30285&action=edit BUG8446, Follow up: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30020|0 |1 is obsolete| | Attachment #30021|0 |1 is obsolete| | Attachment #30022|0 |1 is obsolete| | Attachment #30023|0 |1 is obsolete| | Attachment #30030|0 |1 is obsolete| | Attachment #30031|0 |1 is obsolete| | Attachment #30033|0 |1 is obsolete| | --- Comment #67 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30286 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30286&action=edit BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implimented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. BUG8446, Follow up: Correct paths after file rename BUG8446, Follow up: Implimented single sign out - This followup rebases the code against 3.16+ which managed to break some of the original logic. - As a side effect of the rebasing, we've also implimented the single sign out element. Upon logout, koha will request that the shibboleth session is destroyed, and then clear the local koha session upon return to koha. Due to the nature of shibboleth however, you will only truly be signed out of the IdP if they properly support Single Sign Out (which many do not). As a consequence, although you may appear to be logged out in koha, you might find that upon clicking 'login' the IdP does NOT request your login details again, but instead logs you silently back into your koha session. This is NOT a koha bug, but a shibboleth implimentation issue that is well known. BUG8446, Follow up: Fixed bootstrap login via modal - The bootstrap theme enable login from any opac page via modal. To enable this with shibboleth we had to make some template parameters globally accessible when shibboleth is enabled. BUG8446, Follow up: Add template rules for Shibboleth and CAS - Add template ruels so that CAS and Shibboleth can coexist. BUG8446, Follow up: Added default config to config file BUG8446, Follow up: Embelished perldoc documentation - Updated perldoc to correct detail about configuring shibboleth authentication. - Updated perldoc to include subroutines and their respective functions. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #68 from Matthias Meusburger <matthias.meusburger@biblibre.com> --- Tested ok : - CAS and Shibboleth template coexistence (even though login won't work because of the OPACBaseURL protocol issue, but that is another problem, see bug 12398 and bug 7770). - Shib login / logout (with single sign out) - koha login / logout -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30286|0 |1 is obsolete| | --- Comment #69 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30335 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30335&action=edit BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implimented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. BUG8446, Follow up: Correct paths after file rename BUG8446, Follow up: Implimented single sign out - This followup rebases the code against 3.16+ which managed to break some of the original logic. - As a side effect of the rebasing, we've also implimented the single sign out element. Upon logout, koha will request that the shibboleth session is destroyed, and then clear the local koha session upon return to koha. Due to the nature of shibboleth however, you will only truly be signed out of the IdP if they properly support Single Sign Out (which many do not). As a consequence, although you may appear to be logged out in koha, you might find that upon clicking 'login' the IdP does NOT request your login details again, but instead logs you silently back into your koha session. This is NOT a koha bug, but a shibboleth implimentation issue that is well known. BUG8446, Follow up: Fixed bootstrap login via modal - The bootstrap theme enable login from any opac page via modal. To enable this with shibboleth we had to make some template parameters globally accessible when shibboleth is enabled. BUG8446, Follow up: Add template rules for Shibboleth and CAS - Add template ruels so that CAS and Shibboleth can coexist. BUG8446, Follow up: Added default config to config file BUG8446, Follow up: Embelished perldoc documentation - Updated perldoc to correct detail about configuring shibboleth authentication. - Updated perldoc to include subroutines and their respective functions. BUG8446, Follow up: Enable configuration of match field - Added clearer, more flexible, configuration of shibboleth attribute to koha borrower field matching for authenticaion - Correcting of documentation to make it more clear to the current implimentation - Minor refactoring of code to reduce some code duplication -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30283|0 |1 is obsolete| | --- Comment #70 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30353 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30353&action=edit MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> http://bugs.koha-community.org/show_bug.cgi?id=8446 Signed-off-by: Jesse Weaver <pianohacker@gmail.com> (ByWater employee.) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30284|0 |1 is obsolete| | --- Comment #71 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30354 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30354&action=edit BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30285|0 |1 is obsolete| | --- Comment #72 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30355 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30355&action=edit BUG8446, Follow up: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30335|0 |1 is obsolete| | --- Comment #73 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30356 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30356&action=edit BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implemented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. BUG8446, Follow up: Correct paths after file rename BUG8446, Follow up: Implemented single sign out - This follow up rebases the code against 3.16+ which managed to break some of the original logic. - As a side effect of the rebasing, we've also implemented the single sign out element. Upon logout, koha will request that the shibboleth session is destroyed, and then clear the local koha session upon return to koha. Due to the nature of shibboleth however, you will only truly be signed out of the IdP if they properly support Single Sign Out (which many do not). As a consequence, although you may appear to be logged out in koha, you might find that upon clicking 'login' the IdP does NOT request your login details again, but instead logs you silently back into your koha session. This is NOT a koha bug, but a shibboleth implementation issue that is well known. BUG8446, Follow up: Fixed bootstrap login via modal - The bootstrap theme enable login from any opac page via modal. To enable this with shibboleth we had to make some template parameters globally accessible when shibboleth is enabled. BUG8446, Follow up: Add template rules for Shibboleth and CAS - Add template rules so that CAS and Shibboleth can coexist. BUG8446, Follow up: Added default config to config file BUG8446, Follow up: Embellished perldoc documentation - Updated perldoc to correct detail about configuring shibboleth authentication. - Updated perldoc to include subroutines and their respective functions. BUG8446, Follow up: Enable configuration of match field - Added clearer, more flexible, configuration of shibboleth attribute to koha borrower field matching for authentication - Correcting of documentation to make it more clear to the current implementation - Minor refactoring of code to reduce some code duplication -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #74 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Right.. I think we're finally there guys! This last update to the final patch takes care of a configuration issue Matthias spotted whereby the config would be parsed incorrectly. To enable forward compatibility with bug 12026 (preventing us having to handle a nasty breaking config change when pushing that patch) and to bring the config in line with that of the way the ldap config currently works the minimum xml required has changed from: <usesshibboleth>1</usesshibboleth> <shibboleth> <matchpoint>userid</matchpoint> <mapping> <userid>uid</userid> </mapping> </shibboleth> to: <usesshibboleth>1</usesshibboleth> <shibboleth> <matchpoint>userid</matchpoint> <mapping> <userid is="uid"></userid> </mapping> </shibboleth> I'm told this is more 'standard' amongst this kind of xml based mapping file and am happy going with it. It also allows for a future form to look like the below without breaking compatibility: <usesshibboleth>1</usesshibboleth> <shibboleth> <matchpoint>userid</matchpoint> <mapping> <userid is="uid" regex="s/@school.ac.uk//g"></userid> <firstname is="fn">default</firstname> </mapping> </shibboleth> The above will hopefully give you a brief glimpse into what I'm thinking for enhancing bug 12026 once this is pushed. Cheers for everyone efforts so far! -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |12680 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |12681 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |12682 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #75 from Matthias Meusburger <matthias.meusburger@biblibre.com> --- Tested ok. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Matthias Meusburger <matthias.meusburger@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30356|0 |1 is obsolete| | --- Comment #76 from Matthias Meusburger <matthias.meusburger@biblibre.com> --- Created attachment 30384 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30384&action=edit BUG8446, Follow up: Improve local login fallback Signed-off patch. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Matthias Meusburger <matthias.meusburger@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #77 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Hi Matthias, can you add your sign off line to the other patches too please? And thx for signing off! -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #78 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30594 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30594&action=edit BUG8446, Follow up: Refactor to clean up bad practice - A number of issues were highlighted whilst writing sensible unit tests for this module. - Removed unnessesary call to context->new(); - Global variables are BAD! - Croaking is a wimps way out, we should handle errors early and properly. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30353|MT8122: Adds Shibboleth |[SIGNED OFF] MT8122: Adds description|authentication |Shibboleth authentication -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30354|BUG8446, Follow up: Adds |[SIGNED OFF] BUG8446, description|Shibboleth authentication |Follow up: Adds Shibboleth | |authentication -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30355|BUG8446, Follow up: Remove |[SIGNED OFF] BUG8446, description|unnecessary sysprefs, move |Follow up: Remove |to config |unnecessary sysprefs, move | |to config -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30384|BUG8446, Follow up: Improve |[SIGNED OFF] BUG8446, description|local login fallback |Follow up: Improve local | |login fallback -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30594|0 |1 is obsolete| | --- Comment #79 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30604 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30604&action=edit BUG8446, Follow up: Refactor to clean up bad practice - A number of issues were highlighted whilst writing sensible unit tests for this module. - Removed unnessesary call to context->new(); - Global variables are BAD! - Croaking is a wimps way out, we should handle errors early and properly. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #80 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30605 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30605&action=edit BUG8446, followup: Add Unit Tests -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Needs Signoff --- Comment #81 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- So, those last two patches are in need of signoff. The first one does some much needed re-factoring of the original code to meet better (but still not best) practice ;) The latter are some basic unit tests covering a fair range of the routines so far which will be needed at QA. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Paola Rossi <paola.rossi@cineca.it> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Patch doesn't apply CC| |paola.rossi@cineca.it --- Comment #82 from Paola Rossi <paola.rossi@cineca.it> --- I've tried to apply the patches today against 3.17.00.013 Applying: MT8122: Adds Shibboleth authentication Using index info to reconstruct a base tree... Falling back to patching base and 3-way merge... Auto-merging opac/opac-user.pl Auto-merging installer/data/mysql/updatedatabase.pl CONFLICT (content): Merge conflict in installer/data/mysql/updatedatabase.pl Auto-merging C4/Auth.pm Failed to merge in the changes. Patch failed at 0001 MT8122: Adds Shibboleth authentication So I pass the patch to "Patch doesn't apply" status. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30353|0 |1 is obsolete| | --- Comment #83 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30616 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30616&action=edit [SIGNED OFF] MT8122: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set MT8122, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) MT8122, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout MT8122, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. MT8122, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. MT8122, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jesse Weaver <pianohacker@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30354|0 |1 is obsolete| | --- Comment #84 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30617 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30617&action=edit [SIGNED OFF] BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30355|0 |1 is obsolete| | --- Comment #85 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30618 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30618&action=edit [SIGNED OFF] BUG8446, Follow up: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30384|0 |1 is obsolete| | --- Comment #86 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30619 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30619&action=edit [SIGNED OFF] BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implemented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. BUG8446, Follow up: Correct paths after file rename BUG8446, Follow up: Implemented single sign out - This follow up rebases the code against 3.16+ which managed to break some of the original logic. - As a side effect of the rebasing, we've also implemented the single sign out element. Upon logout, koha will request that the shibboleth session is destroyed, and then clear the local koha session upon return to koha. Due to the nature of shibboleth however, you will only truly be signed out of the IdP if they properly support Single Sign Out (which many do not). As a consequence, although you may appear to be logged out in koha, you might find that upon clicking 'login' the IdP does NOT request your login details again, but instead logs you silently back into your koha session. This is NOT a koha bug, but a shibboleth implementation issue that is well known. BUG8446, Follow up: Fixed bootstrap login via modal - The bootstrap theme enable login from any opac page via modal. To enable this with shibboleth we had to make some template parameters globally accessible when shibboleth is enabled. BUG8446, Follow up: Add template rules for Shibboleth and CAS - Add template rules so that CAS and Shibboleth can coexist. BUG8446, Follow up: Added default config to config file BUG8446, Follow up: Embellished perldoc documentation - Updated perldoc to correct detail about configuring shibboleth authentication. - Updated perldoc to include subroutines and their respective functions. BUG8446, Follow up: Enable configuration of match field - Added clearer, more flexible, configuration of shibboleth attribute to koha borrower field matching for authentication - Correcting of documentation to make it more clear to the current implementation - Minor refactoring of code to reduce some code duplication Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30604|0 |1 is obsolete| | --- Comment #87 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30620 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30620&action=edit BUG8446, Follow up: Refactor to clean up bad practice - A number of issues were highlighted whilst writing sensible unit tests for this module. - Removed unnessesary call to context->new(); - Global variables are BAD! - Croaking is a wimps way out, we should handle errors early and properly. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30605|0 |1 is obsolete| | --- Comment #88 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30621 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30621&action=edit BUG8446, followup: Add Unit Tests -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Patch doesn't apply |Needs Signoff --- Comment #89 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Rebased again.. It's only a db change that is causing this conflict every time.. and said db change is backed out in a later patch in the series anyway. (It's only for attribution for Matthias that it's still there at all). I have however got a tracking github branch which I've suggested people use for testing.. this branch is re-based nightly against master. As for testing.. give me a shout if you need any help with the config.. it's the config outside of koha which is hardest to setup. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30621|0 |1 is obsolete| | --- Comment #90 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 30684 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=30684&action=edit BUG8446, followup: Add Unit Tests -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #91 from Zeno Tajoli <z.tajoli@cineca.it> --- There is a site that seems useful to test the patch: http://testshib.org/index.html But is not clear to me if it is possible to use it as IdP and my Koha install as Service Provider. For example, do you undestand how to create a user/pwd in the IdP of http://testshib.org/ ? Probably it is possible to use also this test service: https://openidp.feide.no/. But probably is better to be Norse. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #92 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Hi Zeno, I'm pretty sure you can use testshib, and can verify you can definitely use fiede as that's what I used for allot of my own testing. The instructions on both sites seem pretty clear, but do let me know if you have any issues. Martin -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Indranil Das Gupta <indradg@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |indradg@gmail.com -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Matthias Meusburger <matthias.meusburger@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30620|0 |1 is obsolete| | --- Comment #93 from Matthias Meusburger <matthias.meusburger@biblibre.com> --- Created attachment 31407 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=31407&action=edit [SIGNED-OFF] BUG8446, Follow up: Refactor to clean up bad practice -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Matthias Meusburger <matthias.meusburger@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30684|0 |1 is obsolete| | --- Comment #94 from Matthias Meusburger <matthias.meusburger@biblibre.com> --- Created attachment 31408 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=31408&action=edit [SIGNED-OFF] BUG8446, followup: Add Unit Tests -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Matthias Meusburger <matthias.meusburger@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #95 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 31836 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=31836&action=edit BUG8446, qa-followup: Cleanup tabs and license -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #96 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 31905 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=31905&action=edit BUG8446, QA Followup: Cleanup tabs and license -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #97 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 31906 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=31906&action=edit BUG8446, QA Followup: Minor Code Tidies -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #98 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 31907 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=31907&action=edit BUG8446, QA Followup: Use DBIx::Class - Convert Auth_with_shibboleth to use dbic stanzas. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #31836|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Failed QA --- Comment #99 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Setting this to failed for now - Martin is working on a follow-up for the tests as I ran into some problems running them. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #100 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- :( It seems that mocking the database with DBD::Mock when using DBIx::Class is simply incompatible (DBIx::Class just complains about an unrecognised DBI driver, then proceeds to drop back to some default SQL and fails badly) I've been looking into alternatives, like Test::DBIx::Class (which is a module to create an in memory sql database to test against, but this route requires lots of work manually creating dummy data to test against). I then tried DBIx::Class::Sims (which is a module to automatically fill tables with randomly generated dummy data, but this approach also fails because our database schema has a large number of cyclic relationships and the Sims module doesn't cope with this well) Interesting enough, the problem I'm facing (Not wanting to have to populate the whole structure of a Borrowers Row and satisfy all constraints manually) is basically solved by the TestBuilder module we recently decided not to adopt! I'll keep battling with it, but I have a feeling the Test size will have to jump substantially as I add all the releated data in a transaction. It shouldn't be this Hard! Martin -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #31907|0 |1 is obsolete| | --- Comment #101 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32125 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32125&action=edit BUG8446, QA Followup: Use DBIx::Class - Convert Auth_with_shibboleth to use dbic stanzas. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off --- Comment #102 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Fixed! -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #103 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32158 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32158&action=edit BUG8446, QA Followup: Add Test::DBIx::Class to dependancies - To correct tests after converting module to dbic, we need to add the Test::DBIx::Class module as a dependancy. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Passed QA -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #31905|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #31906|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #31407|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #31408|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30616|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30617|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30618|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #30619|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32125|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32158|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #104 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Created attachment 32162 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32162&action=edit [PASSED QA] BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Tested with the feide idp. - LDAP login and logout are working - local login/logout are still working - CAS login/logout are still working Instructions for setup can be found on the wiki: http://wiki.koha-community.org/wiki/Shibboleth_Configuration -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #105 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Created attachment 32163 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32163&action=edit [PASSED QA] BUG8446, Follow up: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #106 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Created attachment 32164 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32164&action=edit [PASSED QA] BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implemented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. BUG8446, Follow up: Correct paths after file rename BUG8446, Follow up: Implemented single sign out - This follow up rebases the code against 3.16+ which managed to break some of the original logic. - As a side effect of the rebasing, we've also implemented the single sign out element. Upon logout, koha will request that the shibboleth session is destroyed, and then clear the local koha session upon return to koha. Due to the nature of shibboleth however, you will only truly be signed out of the IdP if they properly support Single Sign Out (which many do not). As a consequence, although you may appear to be logged out in koha, you might find that upon clicking 'login' the IdP does NOT request your login details again, but instead logs you silently back into your koha session. This is NOT a koha bug, but a shibboleth implementation issue that is well known. BUG8446, Follow up: Fixed bootstrap login via modal - The bootstrap theme enable login from any opac page via modal. To enable this with shibboleth we had to make some template parameters globally accessible when shibboleth is enabled. BUG8446, Follow up: Add template rules for Shibboleth and CAS - Add template rules so that CAS and Shibboleth can coexist. BUG8446, Follow up: Added default config to config file BUG8446, Follow up: Embellished perldoc documentation - Updated perldoc to correct detail about configuring shibboleth authentication. - Updated perldoc to include subroutines and their respective functions. BUG8446, Follow up: Enable configuration of match field - Added clearer, more flexible, configuration of shibboleth attribute to koha borrower field matching for authentication - Correcting of documentation to make it more clear to the current implementation - Minor refactoring of code to reduce some code duplication Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #107 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Created attachment 32165 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32165&action=edit [PASSED QA] BUG8446, Follow up: Refactor to clean up bad practice - A number of issues were highlighted whilst writing sensible unit tests for this module. - Removed unnessesary call to context->new(); - Global variables are BAD! - Croaking is a wimps way out, we should handle errors early and properly. Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #108 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Created attachment 32166 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32166&action=edit [PASSED QA] BUG8446, followup: Add Unit Tests Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #109 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Created attachment 32167 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32167&action=edit [PASSED QA] BUG8446, QA Followup: Cleanup tabs and license Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #110 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Created attachment 32168 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32168&action=edit [PASSED QA] BUG8446, QA Followup: Minor Code Tidies Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #111 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Created attachment 32169 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32169&action=edit [PASSED QA] BUG8446, QA Followup: Use DBIx::Class - Convert Auth_with_shibboleth to use dbic stanzas. Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #112 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Created attachment 32170 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32170&action=edit [PASSED QA] BUG8446, QA Followup: Add Test::DBIx::Class to dependancies - To correct tests after converting module to dbic, we need to add the Test::DBIx::Class module as a dependancy. Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> The dependency will probably need to be packaged by us until it can get into Debian proper. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|enhancement |new feature -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32162|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32163|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32164|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32165|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32166|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32167|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32168|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32169|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #32170|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #113 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32365 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32365&action=edit BUG8446: Adds Shibboleth authentication - Use the shibbolethAuthentication syspref to enable Shibboleth authentication - Configure the shibbolethLoginAttribute to specify which shibboleth user attribute matches the koha login - Make sure the OPACBaseURL is correctly set BUG8446, Follow-up: Adds Shibboleth authentication - Fix logout bug: shibboleth logout now occurs only when the session is a shibboleth one. - Do some refactoring: getting shibboleth username is now done in C4::Auth_with_Shibboleth.pm (get_login_shib function) BUG8446, Follow-up: Adds Shibboleth authentication - Adds redirect to opac after logout BUG8446, Follow-up: Adds Shibboleth authentication - Shibboleth is not compatible with basic http authentication in C4/Auth.pm. This patch fixes that. BUG8446, Follow-up: Adds Shibboleth authentication - Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with multiple vhosts. BUG8446, Follow-up: Adds Shibboleth authentication - Adds missing protocol for $ENV{'SERVER_NAME'} Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jesse Weaver <pianohacker@gmail.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Tested with the feide idp. - LDAP login and logout are working - local login/logout are still working - CAS login/logout are still working Instructions for setup can be found on the wiki: http://wiki.koha-community.org/wiki/Shibboleth_Configuration -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #114 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32366 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32366&action=edit BUG8446, Follow up: Adds Shibboleth authentication - Use syspref OpacBaseURL instead of ENV{'SERVER_NAME'} as this wont work if koha is behind a reverse proxy. - To use multiple vhosts, set OpacBaseURL per vhost explicitly with 'SetEnv OpacBaseURL Value' as per Bug 10325 BUG8446, Follow up: Adds Shibboleth authentication - Ensure user is returned to requested page after authentication - Added querystring to the target path in shibboleth URL so that when a user is authenticated he/she is returned to the correct page they requested before authentication. Example where this is important: When a user clicks a direct biblio link of the form - /opac-detail.pl?biblionumber=12345 BUG8446, Follow up: Remove unused imports from scripts - Remove import of deprecated C4::Utils module from shibboleth authentication module: Auth_with_shibboleth.pm Signed-off-by: Jesse Weaver <pianohacker@gmail.com> Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #115 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32367 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32367&action=edit BUG8446, Follow up: Remove unnecessary sysprefs, move to config Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #116 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32368 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32368&action=edit BUG8446, Follow up: Improve local login fallback - Local fallback was not very well implemented, this patch adds better handling for such cases allowing clearer failure messages - This patch also adds the ability to use single sign on via the top bar menu in the bootstrap theme. BUG8446, Follow up: Adds perldoc documentation - Add some documentation to the Auth_with_Shibboleth module including some guidance as to configuration. BUG8446, Follow up: Correct filenames to match guidlines - Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match other files present on the system. BUG8446, Follow up: Correct paths after file rename BUG8446, Follow up: Implemented single sign out - This follow up rebases the code against 3.16+ which managed to break some of the original logic. - As a side effect of the rebasing, we've also implemented the single sign out element. Upon logout, koha will request that the shibboleth session is destroyed, and then clear the local koha session upon return to koha. Due to the nature of shibboleth however, you will only truly be signed out of the IdP if they properly support Single Sign Out (which many do not). As a consequence, although you may appear to be logged out in koha, you might find that upon clicking 'login' the IdP does NOT request your login details again, but instead logs you silently back into your koha session. This is NOT a koha bug, but a shibboleth implementation issue that is well known. BUG8446, Follow up: Fixed bootstrap login via modal - The bootstrap theme enable login from any opac page via modal. To enable this with shibboleth we had to make some template parameters globally accessible when shibboleth is enabled. BUG8446, Follow up: Add template rules for Shibboleth and CAS - Add template rules so that CAS and Shibboleth can coexist. BUG8446, Follow up: Added default config to config file BUG8446, Follow up: Embellished perldoc documentation - Updated perldoc to correct detail about configuring shibboleth authentication. - Updated perldoc to include subroutines and their respective functions. BUG8446, Follow up: Enable configuration of match field - Added clearer, more flexible, configuration of shibboleth attribute to koha borrower field matching for authentication - Correcting of documentation to make it more clear to the current implementation - Minor refactoring of code to reduce some code duplication Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #117 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32369 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32369&action=edit BUG8446, Follow up: Refactor to clean up bad practice - A number of issues were highlighted whilst writing sensible unit tests for this module. - Removed unnessesary call to context->new(); - Global variables are BAD! - Croaking is a wimps way out, we should handle errors early and properly. Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #118 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32370 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32370&action=edit BUG8446, Follow up: Add Unit Tests Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #119 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32371 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32371&action=edit BUG8446, QA Followup: Cleanup tabs and license Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #120 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32372 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32372&action=edit BUG8446, QA Followup: Minor Code Tidies Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #121 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32373 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32373&action=edit BUG8446, QA Followup: Use DBIx::Class - Convert Auth_with_shibboleth to use dbic stanzas. Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #122 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 32374 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32374&action=edit BUG8446, QA Followup: Add Test::DBIx::Class to dependancies - To correct tests after converting module to dbic, we need to add the Test::DBIx::Class module as a dependancy. Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> The dependency will probably need to be packaged by us until it can get into Debian proper. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #123 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Minor rebase (database change as usual in first patch, which is then removed in second patch anyway). Added first patch back in to tree, as caits bz managed to nuke it during upload it seems. Should apply fine again now ;) -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #124 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 32426 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32426&action=edit Bug 8446: (qa followup) Tests should be conditional on Test::DBIx::Class Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #125 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 32427 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=32427&action=edit Bug 8446: (qa followup) Patch reintroduces SolR stuff Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 M. Tompsett <mtompset@hotmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |http://bugs.koha-community. | |org/bugzilla3/show_bug.cgi? | |id=5010 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 --- Comment #126 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Feature pushed to master. Thanks Matthias, Martin and Jesee! -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Passed QA |Pushed to Master -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |13114 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Shibboleth authentication |Shibboleth authentication |patch | -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |13569 -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446 Pablo AB <pablo.bianchi@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |pablo.bianchi@gmail.com -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org