[Koha-bugs] [Bug 20340] Ability to use authentication plugin

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Wed Mar 7 14:05:56 CET 2018


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20340

--- Comment #5 from Kyle M Hall <kyle at bywatersolutions.com> ---
(In reply to Alex Arnaud from comment #4)
> (In reply to Kyle M Hall from comment #3)
> > I think this is an excellent concept, but I don't think it is necessary to
> > have a syspref and limit the auth pluggability to one at a time. In Koha we
> > already essentially loop through all the enabled authentication systems (
> > ldap, cas, etc ).
> Not sure Koha works like that. Reading the code, we switch (not loop) on the
> one that is enabled: Koha *or* LDAP *or* CAS with a fallback on Koha if LDAP
> or CAS return the code 0.

You are correct! Not sure why I had thought that. Looks like the precedence is
LDAP, CAS, Shib. I don't think that should affect my suggestion though.

> > 
> 
> > I would recommend the following:
> > * Drop the system preference
> Anyway we need to enable/disable this module(s). So, in a dedicated
> administration page? In plugins-home.pl (but it is not realy built for that)
> ?
> 
> > * Inside checkpw, loop through all plugins with a checkpw method, and return
> > the first one that 'successfully' authenticates the user/password combo.

I would say the plugin itself should be responsible for having controls to tell
Koha if it is enabled or not. There is already precedence for this in Koha (
see bug 19173 ). For simplicity, the plugin could simply return values as if
the authentication failed, for the sake of simplicity.

What do you think?

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list