[Koha-bugs] [Bug 13932] New: Allow a header to be considered trusted to provide the userid

Tue Mar 31 02:27:48 CEST 2015

http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13932

            Bug ID: 13932
           Summary: Allow a header to be considered trusted to provide the
                    userid
 Change sponsored?: ---
           Product: Koha
           Version: master
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5 - low
         Component: Authentication
          Assignee: gmcharlt at gmail.com
          Reporter: robin at catalyst.net.nz
        QA Contact: testopia at bugs.koha-community.org
                CC: dpavlin at rot13.org

When Koha is placed behind an SSO system, it'd be useful to be able to get the
user ID, like happens with basic auth.

This patch allows a header to be considered an authoritative source of user ID.

This only works with a plack-like environment, when apache is running Koha as
CGI I think the headers come through using a different method.

An example configuration would be:

   <Location />
        ... mod_auth_mellon config goes here ...

    Header unset X_REMOTE_USER
    RequestHeader unset X_REMOTE_USER
    RequestHeader set X_REMOTE_USER %{MELLON_sfdcid}e
   </Location>

(REMOTE_USER seems to have a special use to apache that means it doesn't work,
hence using X_REMOTE_USER.)

For testing, you can fake it by replacing the variable with something hardcoded
and ignore all the SSO guff.

-- 
You are receiving this mail because:
You are watching all bug changes.