[Koha-bugs] [Bug 23771] CAS/Shib Authentication can fail when multiple users with no userid/cardnumber defined and one of them is locked

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23771

Martin Renvoize <martin.renvoize at ptfs-europe.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #93951|0                           |1
        is obsolete|                            |

--- Comment #4 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
Created attachment 94018
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=94018&action=edit
Bug 23771: Don't look for patrons if we don't have a userid

While the code requires external auth to test, the change is simple enough I
think a good read would suffice

To test:
1 - You either need Shib or CAS enabled and setup
2 - Add two users with blank.null cardnumbers
3 - Lock those user accounts
    Set failedloginattempts to 1
    Try a bad login with the userid
    Or set via the DB
4 - Try a good login via the external auth
5 - Note it fails
6 - Apply patch
7 - Login now succeeds

Signed-off-by: Mike Somers - Bridgewater State University <msomers at bridgew.edu>
Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>

-- 
You are receiving this mail because:
You are watching all bug changes.