[Koha-bugs] [Bug 28093] New: Additional configuration option(s) for Shibboleth-only mode
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Apr 6 06:28:08 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28093
Bug ID: 28093
Summary: Additional configuration option(s) for Shibboleth-only
mode
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: Boze.1 at nd.edu
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
Regarding bug 18506 , in the staff client with Shibboleth Only Mode enabled,
when one logs out, the user is immediately logged back in to the staff client.
I understand that this is the intended behavior and could be solved by using
Single LogOut (SLO). SLO, however, would log the user out of all current
Shibboleth sessions, which would not be desirable (for us). In addition, if the
user is already logged in to Shibboleth, when visiting the staff client for the
first time, the user is automatically logged in without seeing a login page.
We would find it preferable if there were an option for Shibboleth-only mode
(in the staff client) to have a landing page that would prompt the user to log
in (whether or not the user had already authenticated). If the user was already
authenticated, the user would simply be passed on to the staff client without
needing to provide credentials. On logout, the user would return to the landing
page but not be logged out of Shibboleth.
Another alternative could be to have a new option that would disable local
logins (except for self checkout) if some other authentication method (CAS,
Shibboleth) has been activated. Basically this would look the same as the
current login page, but with no option for local login. On logout, the user
would be returned to the login page.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list