[Koha-devel] OPAC Secured
Eric Bégin
Eric.Begin at inLibro.com
Mon Feb 22 15:11:56 CET 2010
This is a good idea.
However, I'm not sure that just calling a different template from
opacmain.pl is enough. Unless I'm missing something, people will still
be able to access other pages if they know the URL.
I think that adding the OpacNotPublic is necessary.
Why not using this value to set the 'authnotrequired' in the code,
instead of having this value hardcoded. That way, every pages would be
protected.
My 2 cents.
Eric Bégin
inLibro
Bob Birchall @ Calyx wrote:
> Most libraries are happy for the public to come to the OPAC and search the
> catalogue without being logged in. Others however (corporate libraries,
> private colleges) require the user to be logged in before the collection or
> any functionality is exposed.
>
> Koha currently supports the first approach. The second approach is
> achievable by adding jquery to the template (won't stop hacking) or by
> editing the perl code to set 'authnotrequired' value to '0' per page.
> Neither way is user-friendly or produces an elegant display.
>
> We propose adding a syspref 'OpacNotPublic' or similar which when set to
> 'OFF' will cause no change to current behaviour. When set to 'ON' a
> different template will be called by opacmain.pl that will display:
> - a login prompt similar to that for the staff client;
> - the value of opacsmallimage;
> - the value of opacheader;
> - the value of opaccredits.
> Not displayed on this page will be:
> - the search bar and the cart and list buttons;
> - the value of opacnav;
> - the value of opacmainuserblock.
>
> Upon logging in, the user is directed to 'opac-user.pl' as is the case now.
>
> Before we lodge on Bugzilla, are there any comments?
>
> Bob Birchall
> CALYX
>
>
> _______________________________________________
> Koha-devel mailing list
> Koha-devel at lists.koha.org
> http://lists.koha.org/mailman/listinfo/koha-devel
>
>
More information about the Koha-devel
mailing list