[Koha-bugs] [Bug 13932] Allow a header to be considered trusted to provide the userid
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Apr 22 07:12:42 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13932
--- Comment #1 from Robin Sheat <robin at catalyst.net.nz> ---
Created attachment 38301
-->
http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=38301&action=edit
Bug 13932: add support for a trusted HTTP header
This adds support for a 'trusted_header' option in koha-conf.xml that
specified an HTTP header that you trust that contains the userid. This
is to allow Koha to be behind a reverse proxy (for example, running
plack fronted by apache) that does user authentication/authorisation.
Note: for reasons I can't really tell, this doesn't work when apache is
running Koha as CGI, but does work under plack.
Test plan:
* have a koha-plack setup.
* configure apache to send it a header:
RequestHeader set X_REMOTE_USER "testuserid"
* add <trusted_header>X_REMOTE_USER</trusted_header> to koha-conf.xml
* verify that the user behaves as though they're logged in.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list