[Koha-bugs] [Bug 23771] CAS/Shib Authentication can fail when multiple users with no userid/cardnumber defined and one of them is locked
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Oct 8 01:22:27 CEST 2019
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23771
Nick Clemens <nick at bywatersolutions.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #93847|0 |1
is obsolete| |
--- Comment #2 from Nick Clemens <nick at bywatersolutions.com> ---
Created attachment 93860
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=93860&action=edit
Bug 23771: Don't look for patrons if we don't have a userid
While the code requires external auth to test, the change is simple enough I
think a good read would suffice
To test:
1 - You either need Shib or CAS enabled and setup
2 - Add two users with blank.null cardnumbers
3 - Lock those user accounts
Set failedloginattempts to 1
Try a bad login with the userid
Or set via the DB
4 - Try a good login via the external auth
5 - Note it fails
6 - Apply patch
7 - Login now succeeds
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list