[Koha-devel] ILSDI AuthenticatePatron

Fitzpatrick, Christopher cf at wmu.se
Wed Feb 27 09:39:51 CET 2013 

Hello,

Sorry if this is documented somewhere that I'm not seeing, but I have
pulled down the latest version of Koha  and the restful code for
development, but several of restful tests do not pass. It looks like all
empty JSON is being returned, so I think my test environment is not
right....are there maybe some mock definitions I'm missing? Apologize about
for being dense...this is my first pass at setting up Koha for
development...

thanks for any help...b,chris.




On 22 February 2013 09:14, Fitzpatrick, Christopher <cf at wmu.se> wrote:

> Hi,
>
> So, I went a bit more in-depth with the rest.pl... I'm curious if there's
> a plan to add user interaction functionality to this? Like allow users to
> renew loans, place holds, cancel holds?
> If someone where to add this, would you take a pull-request, or is this
> out of scope and should this be forked to a project?
>
> thanks again..b,chris.
>
>
>
> On 19 February 2013 11:34, Fitzpatrick, Christopher <cf at wmu.se> wrote:
>
>>
>> Hi,
>>
>> Excellent! Thanks for the info. The koha-restful package looks like a
>> better fit than the ilsdi.pl script. It was a little hard to install,
>> but I figured it out ( could not find a libcgi-application-dispatch-perl
>> for squeeze, but found package libcgi-application-basic-plugin-bundle-perl
>> has this module.) Looks like everything works.
>>
>> I actually just implemented OAuth2 with Koha (we use Google Apps for
>> Education, so all our student's use gmail), so I think this will simplify
>> the authentication situation as well...
>>
>> I'm currently writing a ruby gem to interact with Koha...I'll send an
>> update to the list when I publish it, just in case anyone else is
>> interested...
>>
>> thanks again. b,chris.
>>
>>
>> On 18 February 2013 21:27, Chris Cormack <chrisc at catalyst.net.nz> wrote:
>>
>>> * Fitzpatrick, Christopher (cf at wmu.se) wrote:
>>> >    Hi everyone,
>>> >    I've just started working on some "connector" code to extend some
>>> >    functionality of our Koha instance by interacting with another web
>>> app we
>>> >    use. I'm wanting to authenticate users to their Koha accounts and
>>> it seems
>>> >    like using the ILSDI api would be the easiest way, since it would
>>> it would
>>> >    allow me to not have to make a direct DB connection.
>>> >    However, looking at the AuthenticatePatron action,  I'm not too
>>> >    comfortable passing username and password simply as clear text GET
>>> >    parameters, so I am trying to come up with some ways to avoid this,
>>> as
>>> >    it's not very secure. Limiting IP access to the ilsdi.pl probably
>>> does not
>>> >     complete resolve this issue, since the username and password will
>>> still
>>> >    be captured in the http logs. I am curious what are some of the
>>> security
>>> >    measures others are using when using this api?
>>> >    Thanks for any help! Very much appreciated...best, chris fitzpatrick
>>>
>>> I'd POST to it, over SSL
>>>
>>> Chris
>>>
>>> --
>>> Chris Cormack
>>> Catalyst IT Ltd.
>>> +64 4 803 2238
>>> PO Box 11-053, Manners St, Wellington 6142, New Zealand
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20130227/0dcd475d/attachment-0001.html>

More information about the Koha-devel mailing list