[Koha-devel] Auth hack
Andrew Arensburger
arensb+koha-devel at ooblick.com
Fri Oct 11 23:28:04 CEST 2002
I've added a hack to C4/Auth.pm that allows you to turn off
authentication entirely. Just set the "insecure" systempreference to
the string "yes".
The effect is that C4::Auth doesn't bother authenticating and
just allows you to do anything you like, without your session ever
timing out, or indeed without requiring a session. I find this
convenient because my installation is in a physically secure location,
and all of my librarians (me) are trusted.
For obvious reasons, this isn't advertised as a feature. If
this is deemed to be a Bad Thing, just back out the latest update.
In the longer term, it'd be nice to introduce the notion of
trusted (and untrusted) users and secure (or insecure) workstations.
It shouldn't be too hard to implement user and host groups, and ACLs
for users, hosts, and network ranges.
--
Andrew Arensburger This message *does* represent the
arensb at ooblick.com views of ooblick.com
"You see? You see? Your stupid minds! Stupid! Stupid!" -- Plan 9
More information about the Koha-devel
mailing list