[Koha-devel] ILSDI AuthenticatePatron
Claire Hernandez
claire.hernandez at biblibre.com
Mon Feb 18 15:42:37 CET 2013
Hello,
I have no answer right now for your real problem, but have a look to
this post
http://koha.1045719.n5.nabble.com/Time-for-releases-works-related-to-Drupal-gt-First-koha-restful-td5733380.html
about our work on "some connector code to extend some functionality of
our Koha instance by interacting with another web app we use", could be
helpful.
Claire.
Le 18/02/2013 15:34, Fitzpatrick, Christopher a écrit :
>
> Hi everyone,
>
> I've just started working on some "connector" code to extend some
> functionality of our Koha instance by interacting with another web app
> we use. I'm wanting to authenticate users to their Koha accounts and
> it seems like using the ILSDI api would be the easiest way, since it
> would it would allow me to not have to make a direct DB connection.
>
> However, looking at the AuthenticatePatron action, I'm not too
> comfortable passing username and password simply as clear text GET
> parameters, so I am trying to come up with some ways to avoid this, as
> it's not very secure. Limiting IP access to the ilsdi.pl
> <http://ilsdi.pl>probably does not complete resolve this issue, since
> the username and password will still be captured in the http logs. I
> am curious what are some of the security measures others are using
> when using this api?
>
> Thanks for any help! Very much appreciated...best, chris fitzpatrick
>
>
> _______________________________________________
> Koha-devel mailing list
> Koha-devel at lists.koha-community.org
> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
> website : http://www.koha-community.org/
> git : http://git.koha-community.org/
> bugs : http://bugs.koha-community.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20130218/3659680b/attachment.html>
More information about the Koha-devel
mailing list