[Koha-devel] ILSDI AuthenticatePatron

Fitzpatrick, Christopher cf at wmu.se
Tue Feb 19 11:34:37 CET 2013 

Hi,

Excellent! Thanks for the info. The koha-restful package looks like a
better fit than the ilsdi.pl script. It was a little hard to install, but I
figured it out ( could not find a libcgi-application-dispatch-perl for
squeeze, but found package libcgi-application-basic-plugin-bundle-perl has
this module.) Looks like everything works.

I actually just implemented OAuth2 with Koha (we use Google Apps for
Education, so all our student's use gmail), so I think this will simplify
the authentication situation as well...

I'm currently writing a ruby gem to interact with Koha...I'll send an
update to the list when I publish it, just in case anyone else is
interested...

thanks again. b,chris.


On 18 February 2013 21:27, Chris Cormack <chrisc at catalyst.net.nz> wrote:

> * Fitzpatrick, Christopher (cf at wmu.se) wrote:
> >    Hi everyone,
> >    I've just started working on some "connector" code to extend some
> >    functionality of our Koha instance by interacting with another web
> app we
> >    use. I'm wanting to authenticate users to their Koha accounts and it
> seems
> >    like using the ILSDI api would be the easiest way, since it would it
> would
> >    allow me to not have to make a direct DB connection.
> >    However, looking at the AuthenticatePatron action,  I'm not too
> >    comfortable passing username and password simply as clear text GET
> >    parameters, so I am trying to come up with some ways to avoid this, as
> >    it's not very secure. Limiting IP access to the ilsdi.pl probably
> does not
> >     complete resolve this issue, since the username and password will
> still
> >    be captured in the http logs. I am curious what are some of the
> security
> >    measures others are using when using this api?
> >    Thanks for any help! Very much appreciated...best, chris fitzpatrick
>
> I'd POST to it, over SSL
>
> Chris
>
> --
> Chris Cormack
> Catalyst IT Ltd.
> +64 4 803 2238
> PO Box 11-053, Manners St, Wellington 6142, New Zealand
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20130219/f4058b25/attachment-0001.html>

More information about the Koha-devel mailing list