[Koha-bugs] [Bug 28093] New: Additional configuration option(s) for Shibboleth-only mode

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Tue Apr 6 06:28:08 CEST 2021 

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093

            Bug ID: 28093
           Summary: Additional configuration option(s) for Shibboleth-only
                    mode
 Change sponsored?: ---
           Product: Koha
           Version: master
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5 - low
         Component: Authentication
          Assignee: koha-bugs at lists.koha-community.org
          Reporter: Boze.1 at nd.edu
        QA Contact: testopia at bugs.koha-community.org
                CC: dpavlin at rot13.org

Regarding bug 18506 , in the staff client with Shibboleth Only Mode enabled,
when one logs out, the user is immediately logged back in to the staff client.
I understand that this is the intended behavior and could be solved by using
Single LogOut (SLO). SLO, however, would log the user out of all current
Shibboleth sessions, which would not be desirable (for us). In addition, if the
user is already logged in to Shibboleth, when visiting the staff client for the
first time, the user is automatically logged in without seeing a login page.

We would find it preferable if there were an option for Shibboleth-only mode
(in the staff client) to have a landing page that would prompt the user to log
in (whether or not the user had already authenticated). If the user was already
authenticated, the user would simply be passed on to the staff client without
needing to provide credentials. On logout, the user would return to the landing
page but not be logged out of Shibboleth.

Another alternative could be to have a new option that would disable local
logins (except for self checkout) if some other authentication method (CAS,
Shibboleth) has been activated. Basically this would look the same as the
current login page, but with no option for local login. On logout, the user
would be returned to the login page.

-- 
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.

More information about the Koha-bugs mailing list