[Bug 38815] New: Optionally block local login of accounts set for SSO
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38815 Bug ID: 38815 Summary: Optionally block local login of accounts set for SSO Change sponsored?: --- Product: Koha Version: Main Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Authentication Assignee: koha-bugs@lists.koha-community.org Reporter: andrew@bywatersolutions.com QA Contact: testopia@bugs.koha-community.org CC: dpavlin@rot13.org Bug 18506 added the ability to completely prevent local login (login using the koha username and password) when using SSO, but many libraries using SSO find it necessary to allow local login for some users or situations -- community borrowers at an academic library, support vendors who lack SSO credentials, etc. If both SSO and local login must be allowed, libraries want to ensure that any given account can only log in one way -- if your account can authenticate via SSO, you should not be able to authenticate via local login. Libraries enforce this by setting NULL passwords in Koha on accounts using SSO, but at the very least any superlibrarian is able to change that password. It would be helpful to be able to flag an account as "SSO only" and thereby force Koha to null the password and keep it null, hiding the Change Password button and the password field from patron edit. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org