[Koha-devel] authentication
Tonnesen Steve
tonnesen at cmsd.bc.ca
Sat Jun 29 22:54:03 CEST 2002
While raising wishlist issues, I thought I'd bring up authentication. I
know that Katipo has member authentication on their targeted features
list.
I set up the installer to use Basic Authentication to protect the intranet
interface, but I did this primarily to get it out the door with some
protection on the intranet interface.
The main problem I have with basic authentication is the lack of ability
to log out again without quitting the browser. I see this as being a
particular problem with library search stations if members are logging in
to set reserves.
I'd like to see us do some kind of cookie based authentication that could
be set to expire after a specified period of inactivity. This would also
leave us less tied to MySL than using the auth_mysql_module for apache.
Technically speaking, I see this as requireing the addition of a
checkauthentication() call at the beginning of each script. If
authentication fails, the checkauthentication() routine spits out a login
page (or in the case of the OPAC, it could just carry on without any user
specific options like setting reserves).
Thoughts on this?
Steve.
More information about the Koha-devel
mailing list