[Koha-bugs] [Bug 23771] CAS/Shib Authentication can fail when multiple users with no userid/cardnumber defined and one of them is locked

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23771

Nick Clemens <nick at bywatersolutions.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #93847|0                           |1
        is obsolete|                            |

--- Comment #2 from Nick Clemens <nick at bywatersolutions.com> ---
Created attachment 93860
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=93860&action=edit
Bug 23771: Don't look for patrons if we don't have a userid

While the code requires external auth to test, the change is simple enough I
think a good read would suffice

To test:
1 - You either need Shib or CAS enabled and setup
2 - Add two users with blank.null cardnumbers
3 - Lock those user accounts
    Set failedloginattempts to 1
    Try a bad login with the userid
    Or set via the DB
4 - Try a good login via the external auth
5 - Note it fails
6 - Apply patch
7 - Login now succeeds

-- 
You are receiving this mail because:
You are watching all bug changes.