[koha-commits] main Koha release repository branch master updated. v3.14.00-1154-gb57d985
Git repo owner
gitmaster at git.koha-community.org
Mon May 5 06:52:58 CEST 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".
The branch, master has been updated
via b57d98517c5a9572a54412f7f4e5d872acfa85c3 (commit)
via c8a18f5eefd81dc07512faa962064effdfb88de9 (commit)
from 4bc46dbbcb93ca43b2fd138cf65f51893978b3ad (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b57d98517c5a9572a54412f7f4e5d872acfa85c3
Author: Fridolin Somers <fridolin.somers at biblibre.com>
Date: Thu Apr 10 13:12:19 2014 +0200
Bug 11219: (follow-up) fetch only URL parameters
This followup corrects the fact that when using $query->url(), both
GET and POST params are get.
Using $query->url_param() will only get params directly in URL.
Test plan :
- Enable CAS
- Go to login page : cgi-bin/koha/opac-user.pl
- Try to connect with local login using random login and password
(they will be transmitted by POST)
- You stay to login page
- Look at CAS login URL
=> Without this patch it will contain the random login and password
as parameters of opac-user.pl
=> With this patch it does not contain any parameter
Signed-off-by: Matthias Meusburger <matthias.meusburger at biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83 at web.de>
Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc at esilibrary.com>
commit c8a18f5eefd81dc07512faa962064effdfb88de9
Author: Fridolyn SOMERS <fridolyn.somers at biblibre.com>
Date: Fri Nov 8 11:12:57 2013 +0100
Bug 11219: make CAS authentication work with URL parameters
Bug 10029 tries to fix the use of URL parameters in CAS authentication.
But is does not work.
The full URL must be used in all methods of C4::Auth_with_cas.
Also, in checkpw_cas(), the 'ticket' parameter must be removed to find
the original URL.
This patch removes the 'ticket' parameter from query before calling
checkpw_cas() since the ticket is passed as method arguemnt.
In C4::Auth_with_cas, many methods use the same code to get the CAS
handler and the service URI. This patch adds a private method
_get_cas_and_service() to do the job.
Test plan:
- Enable CAS
- Go to opac without been logged-in
- Try to place hold on a record
=> You get to /cgi-bin/koha/opac-reserve.pl?biblionumber=XXX showing
authentication page
=> Check that CAS link contains query param "biblionumber"
- Click on CAS link and log in
=> Check you return well logged-in to reserve page with biblionumber
param
- Check CAS loggout
- Check Proxy CAS auth
Signed-off-by: Koha team AMU <koha.aixmarseille at gmail.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83 at web.de>
Passes all tests in t, xt, and t/db_dependent/Auth.t.
Also passes QA script.
As I have no working CAS server, I focused on regression testing:
Activated Persona and casAuthentication.
- Verified normal login against database still works.
- Verified Persona login works.
Note: With Persona you are always forwarded to the patron
account - so you have to search for the record again before
you can place a hold.
- Verified that the CAS URL contains the biblionumber when
logging in while placing a hold.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83 at web.de>
Retested 2014-04-12
Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc at esilibrary.com>
-----------------------------------------------------------------------
Summary of changes:
C4/Auth.pm | 1 +
C4/Auth_with_cas.pm | 69 ++++++++++++++++++++++++++++-----------------------
2 files changed, 39 insertions(+), 31 deletions(-)
hooks/post-receive
--
main Koha release repository
More information about the koha-commits
mailing list