IRC Logs

Time Nick Message
23:42 rangi heh
23:42 eythian http://spendyourleapsecondhere.com/
23:28 rangi http://en.lodlive.it/
23:27 wizzyrea [off] eythian saved me from having to do the needful.
23:21 drojf good night #koha
23:15 mtj agreed :)
23:11 eythian mtj: it's better than invalid data getting in which causes strange explosions in 6 months time.
23:08 mtj eythian: i think the utf 'feature' might drive some users crazy... but hey
23:07 mtj thanks for the brainslap, btw :0)
23:05 eythian mtj: I think input validation everywhere possible is always a good thing, all the time, ever.
23:05 rangi excellent
23:05 eythian sweet
23:05 mtj rangi, eythian. im hoping to start adding Koha::Cache to the holidays code, later this week
23:01 drojf as a cosy complement to beer. lol. germans
23:01 wizzyrea that seems on-topic to me.
23:00 mtj ..off topic, how about this for a poss. Koha feature... checking for valid UTF when saving stuff?
22:59 drojf not very much information ;)
22:59 drojf [off] http://www.behn.de/en/brands/kuestennebel/
22:58 drojf http://www.behn.de/en/brands/anis/
22:57 mtj i too am interested ^
22:57 mtj hey #koha
22:54 drojf i have not even thought about that in ages
22:53 drojf küstennebel is star anise liquor
22:53 eythian like Germany makes something other than beer.
22:53 drojf probably küstennebel
22:52 drojf kaloyiannis-koutsikos distilleries, 1st industrial zone of volos, 68e. that's a fantastic address
22:52 wizzyrea ^ this question is relevant to my interests.
22:52 rangi whats the closest german drink to ouzo?
22:52 rangi :)
22:51 drojf no, i'm choosing their booze over german booze, to weaken our economy in solidarity :P
22:49 eythian so you're taking their booze from them? That's pretty terrible! ;)
22:46 * drojf drinks an ouzo… to the people in greece
22:45 drojf i could use that from time to time ;)
22:42 eythian yeah, teaching is pretty good. Makes you get all your thoughts in order, to start with.
22:42 drojf [off] would be fun. and scary. heh. we'll see what happens
22:40 rangi cya later pianohacker
22:40 pianohacker and on that note, I have to leave to do just that
22:40 pianohacker teaching intro computer science is a lot of fun :)
22:39 rangi [off] ohhh that would be excellent
22:38 drojf [off] they consider letting me teach there *giggles madly*
22:37 rangi nice!
22:37 eythian sounds like you've got yourself a project then :)
22:35 drojf [off] i was told there is a high demand for koha at a new 'library computer science' master programme in my area :)
22:35 rangi quite a nice day
22:35 rangi yeah blue skies
22:32 drojf 11° sounds alright, i'd like that too right now
22:23 cdickinson it's actually pretty nice today here
22:23 huginn` cdickinson: The current temperature in Wellington, New Zealand is 11.0°C (10:00 AM NZST on June 30, 2015). Conditions: Clear. Humidity: 76%. Dew Point: 7.0°C. Pressure: 29.98 in 1015 hPa (Steady).
22:23 cdickinson @wunder nzwn
22:20 drojf i should have bought more of that buckwheat beer
22:19 rangi yuck
22:19 drojf and no wind at all
22:19 drojf we'll see. probably humid and sticky
22:18 rangi any wind with it?
22:17 drojf 10 more will be horrible
22:17 drojf i found 26°C today to be pretty warm
22:17 drojf lol exactly
22:17 rangi thats pretty warm
22:17 drojf 36°C on saturday. meh
22:15 drojf oh too slow
22:15 pianohacker kk, will do, thanks guys
22:14 drojf [off] it's bgkriegel@gmail.com on koha-translate
22:14 rangi [off] i use bgkriegel@unc.edu.ar or bgkriegel@gmail.com but that one should work too
22:13 pianohacker [off] rangi: gonzalez@famaf.unc.edu ?
22:13 rangi do you have his email?
22:13 pianohacker okay, thanks.
22:12 rangi the person i would ask is bernardo
22:12 huginn` 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=4503 enhancement, P5 - low, ---, frederic, NEW , Javascript files in js directory are not translated
22:12 pianohacker rangi: ot, but do you know of any documentation on how to use xgettext.pl (or something else, if I'm barking up the wrong tree) to generate a starting .po file? I'm working on bug 4503
22:10 drojf hehe
22:10 rangi :)
22:10 rangi kick any bankers you see
22:10 rangi take money, spend it with local businesses
22:10 rangi exactly
22:09 drojf yeah i can imagine. i'd be happy to help rebuild the country with a visit to kohacon ;)
22:08 rangi probably a bit distracted at the moment though
22:08 rangi they are working on a full website to go with the wiki bit
22:07 drojf *the
22:06 drojf has there been any info on the thessaloniki bid for kohacon 2016 or did they just sneak it into thew wiki?
22:06 pianohacker hi eythian
22:05 drojf hi eythian
22:04 wahanui what's up, eythian
22:04 eythian hi
21:58 drojf did not help that yaz-client works out of the box for loc and gbv (german library network) but not for them. i should have read more on ZOOM before having funny ideas :P
21:55 wahanui rumour has it interesting is sometimes good and sometimes bad
21:55 rangi interesting
21:55 drojf but i learned a lot ;)
21:55 drojf so i bothered the national library about their SRU server config and in the end the problem was that koha eats the tilde you have to use to provide an access token in the base url. it has to be encoded as %7e and apparently it worked without that in earlier versions
21:47 drojf too fast for me
21:47 rangi cya cait
21:47 cait night :)
21:47 rangi heh
21:46 drojf first koha on a raspberry bush would be awesome
21:46 cait be careful, they can be mean :)
21:45 rangi heh
21:45 drojf balcony even
21:45 drojf i did not pay attention to my balkony for a few days and now i have 2m long raspberry shoots growing all over the place :)
20:41 huginn` drojf: The current temperature in Berlin Tegel, Germany is 22.0°C (10:20 PM CEST on June 29, 2015). Conditions: Clear. Humidity: 53%. Dew Point: 12.0°C. Pressure: 30.12 in 1020 hPa (Rising).
20:41 drojf @wunder berlin, germany
20:30 * cait grumps about keeping things simple ;)
20:25 rangi http://blog.bigballofwax.co.nz/2012/07/31/yes-you-should-rewrite-it-no-not-like-that/
20:25 rangi ill just leave this here
20:24 rangi i saw a lot of rewrite discussion last night
20:03 indradg kia ora #koha
17:36 * magnuse gives the evening wave
16:36 gaetan_B bye
16:30 huginn` AmitG: 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14472 enhancement, P5 - low, ---, amitddng135, Needs Signoff , Wrong ISSN search index in record matching rules
16:30 AmitG @bug 14472
16:13 huginn` 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7174 enhancement, P5 - low, ---, paul.poulain, NEW , Authentication rewriting
16:13 kivilahtio pianohacker: ashimema: matts_away: magnuse: care to take a new look at Bug 7174? Is it pfft again? This time I remembered to include all new files.. I hope.
16:06 reiveune bye
15:13 huginn` khall: The operation succeeded.
15:13 khall @later tell joubu can I get your feedback on bug 9011?
15:11 kivilahtio hi tehre!
15:09 cait hi pianohacker
15:08 pianohacker hallo
14:02 druthb Muggy now, soupy later.
14:01 huginn` druthb: The current temperature in Montrose (Mandell Place), Houston, Texas is 27.8°C (9:01 AM CDT on June 29, 2015). Conditions: Clear. Humidity: 85%. Dew Point: 25.0°C. Pressure: 30.02 in 1016 hPa (Falling).
14:01 druthb @wunder 77098
13:52 huginn` tcohen: The operation succeeded.
13:52 tcohen @later tell marcelr would you agree the feature should be renamed "Attach files to biblio records"?
13:36 * magnuse wanders off to barbeque som whale
13:29 drojf huh. i should leave the house from time to time
13:29 huginn` drojf: The current temperature in Berlin Tegel, Germany is 26.0°C (3:20 PM CEST on June 29, 2015). Conditions: Clear. Humidity: 34%. Dew Point: 9.0°C. Pressure: 30.09 in 1019 hPa (Steady).
13:29 drojf @wunder berlin, germany
13:24 nengard ditto for me
13:24 * magnuse has only been there in early spring, thanks goodness
13:24 magnuse marseille can get real hot, apparently
13:24 nengard that's surprising
13:24 nengard wow!! warmer than here
13:24 huginn` magnuse: The current temperature in Marseille / Marignane, France is 30.0°C (3:00 PM CEST on June 29, 2015). Conditions: Clear. Humidity: 32%. Dew Point: 16.0°C. Pressure: 30.08 in 1018 hPa (Falling).
13:24 magnuse @wunder marseille
13:24 nengard LOL
13:24 magnuse whi knew such a thing was possible...
13:23 huginn` nengard: The current temperature in University Hills, Austin, Texas is 24.4°C (8:23 AM CDT on June 29, 2015). Conditions: Scattered Clouds. Humidity: 99%. Dew Point: 24.0°C. Pressure: 30.04 in 1017 hPa (Steady).
13:23 nengard @wunder 78754
13:23 magnuse ooh, double digits!
13:23 huginn` magnuse: The current temperature in Bodo, Norway is 11.0°C (2:50 PM CEST on June 29, 2015). Conditions: Partly Cloudy. Humidity: 62%. Dew Point: 4.0°C. Pressure: 29.98 in 1015 hPa (Steady).
13:23 magnuse @wunder boo
13:23 nengard :)
13:20 magnuse nengard: ah, kewl anyways!
13:04 * tcohen was excited to add his recently moved to 3.20 libraries
13:04 paul_p (if only days had 40 or 45 hours...)
13:04 paul_p tcohen yep, that can/will be a future improvement.
13:04 tcohen hi :-D
13:04 paul_p hi tcohen.
13:03 tcohen paul_p: hea misses to show library type and country distribution
13:03 nengard you mean my hair? actually that's a pic from a couple months ago - but I do have new colors now :) hehe
13:02 tcohen well, picture-upload should be a REST webservice
13:02 wahanui magnuse is a Norwegian giant.
13:02 nengard magnuse?
13:01 marcelr we really should have one uploader
13:01 marcelr i found a third upload mechanism too in picture-upload
13:00 tcohen it is next on my list
13:00 tcohen ah, yes
13:00 huginn` 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6874 enhancement, P3, ---, julian.maurice, Passed QA , Attach a file to a MARC record (Was: File upload in MARC)
13:00 marcelr bug 6874 probably
13:00 tcohen what was that supposed to be about?
13:00 tcohen heh
13:00 marcelr lol
13:00 wahanui marcelr is, like, talking with tcohen about it
13:00 tcohen hey marcelr
12:59 marcelr hi tcohen
12:59 magnuse nengard: new colours?
12:59 tcohen hi magnuse nengard
12:58 nengard morning magnuse
12:58 magnuse hiya nengard and tcohen
12:44 tcohen hi cait!
12:43 cait tcohen: morning!
12:41 kivilahtio thanks
12:41 matts kivilahtio, http://wiki.koha-community.org/wiki/IRC_Regulars :)
12:41 kivilahtio ok, I wonder who M.Tompsett is
12:40 matts kivilahtio, nope, I'm not. I'm Matthias Meusburger
12:40 kivilahtio matts: Are you M.Tompsett?
12:35 tcohen morning!
12:35 AuroraSkywalker I'm going to troublshoot this more later. Thanks for your help so far.
12:29 AuroraSkywalker No I go to the page and it says something like err_name_not_resolved. May be the DNS settings I will look into that. Thanks
12:24 * magnuse gotta go afk for a bit
12:24 magnuse is dns set up correctly?
12:23 magnuse AuroraSkywalker: do you get the "it works" page or just nothing?
12:19 AuroraSkywalker no I thought that's what it needed for a mysql config. I removed it so its back to default. No more errors but it's still not there.
12:19 magnuse looks like the database is empty
12:18 magnuse do you have a file called "mysql"?
12:18 magnuse AuroraSkywalker: DEFAULTSQL="mysql"
12:11 AuroraSkywalker ok
12:07 drojf the comment for the serials table is "patron's opac search history"? that does not seem right :)
12:07 pastebot "AuroraSkywalker" at 127.0.0.1 pasted "cron messages" (162 lines) at http://paste.koha-community.org/164
12:06 AuroraSkywalker I'm getting a bunch of mails from cron about the mysql database, guess it probably wants one set up before the program will even load the page. I'll try that and see if I can make any progress.
11:59 AuroraSkywalker when I look at the system status it says something like thearchives-koha-zebra: fatal: failed to become a deamon: Resource temporarily unavaliable
11:55 AuroraSkywalker the only things I changed were the domain and the defaultsql
11:54 pastebot "AuroraSkywalker" at 127.0.0.1 pasted "koha config" (61 lines) at http://paste.koha-community.org/163
11:50 magnuse (or the default one)
11:49 magnuse (not koha-conf.xml, but the one you gave to --configfile)
11:49 AuroraSkywalker sure one sec
11:48 wahanui I eat paste! It's tasty! http://paste.koha-community.org
11:48 magnuse paste?
11:48 magnuse can you paste the config file?
11:48 magnuse http://wiki.koha-community.org/wiki/Debian#Create_a_Koha_instance
11:48 AuroraSkywalker Thanks for replying
11:48 AuroraSkywalker I think maybe I got something wrong in the config file. I don't know I'm trying to look at my logs to see if it says anything
11:47 AuroraSkywalker Yes, though I haven't configured mysql yet I usually do that when the page shows up
11:46 magnuse AuroraSkywalker: did you create an instance?
11:43 AuroraSkywalker Now it has some fatal issue when I restarted the process, at least it is showing an error now.
11:40 AuroraSkywalker Active: active (exited) since Mon 2015-06-29 06:09:27 CDT; 17min ago
11:40 AuroraSkywalker Hi I'm trying to install koha, on Debian. Followed the instructions but nothing is showing up at the domain it is suppose to. Can't really find any troubleshooting links. Tried to install stable, using local mysql. When I check to see if service koha-common status it returns Loaded: loaded (/etc/init.d/koha-common)
11:32 vfernandes <listen id="publicserver">tcp:localhost:9999</listen> it works, <listen id="publicserver">tcp:@:9999</listen> not
11:18 drojf man yaz-client (aka i don't know :) )
11:16 vfernandes how to pass username/password?
11:16 drojf oh but you tried localhost so that should not be it :)
11:16 drojf it may not be reachable at all from the outside due to firewall or something
11:14 vfernandes I think this is a server configuration problem
11:14 vfernandes with 9999 I've the same problem
11:12 vfernandes let me try
11:12 drojf vfernandes: does your network/ server actually allow to use such a low port? have you tried 9998 or something?
11:03 vfernandes Connecting...error = System (lower-layer) error: Connection refused
11:03 vfernandes when trying to access the Z39.50 with yaz-client (yaz-client -c /KEEPS/koha/etc/zebradb/ccl.properties localhost:210/biblios) I get the following error:
11:00 vfernandes <listen id="publicserver">tcp:@:210</listen>
11:00 vfernandes i've uncommented the lines refered in that wiki and i've restarted zebra server
10:59 vfernandes http://wiki.koha-community.org/wiki/Troubleshooting_Koha_as_a_Z39.50_server
10:59 vfernandes can anyone help me configuring koha public Z39.50 server?
10:42 drojf it's ok so far ;)
10:42 drojf hi marcelr :)
10:41 marcelr hi drojf: hope your monday is better :)
10:39 drojf "after 5.6, the server default will include STRICT_TRANS_TABLES." that should be fixed properly :)
10:37 vfernandes yes
10:36 drojf vfernandes: where do you set it? in my.cnf?
10:35 vfernandes drojf : I didn't tried to change the code, because disable that option worked for me
10:35 cait bbiab
10:34 drojf ?
10:34 drojf vfernandes: does it work when you use $input->param("enrolmentperioddate") = 'NULL' if enrolmentperioddate is not filled
10:33 vfernandes cait: the control of the data inserted could be done by the software code or by the database... Usually it's done by the software code, but in some MySQL installations the option STRICT_TRANS_TABLES comes as default
10:31 cait vfernandes: sounds like soething we still should fix properly :)
10:30 vfernandes then I've remembered that MySQL has mecanisms to block inserts with incorrect values... the option STRICT_TRANS_TABLES is responsible to that block ('' (empty string) is not a valid date, '' is not a valid number...)
10:28 vfernandes kivilahtio: if the code was working for rangi and for drojf, the problem only could be software related (perl, MySQL, etc...)
10:24 kivilahtio sounds like a very hard to debug thing
10:23 kivilahtio vfernandes: I am happy you found your solution
10:21 vfernandes thanks magnuse, cait, rangi and drojf
10:18 vfernandes removing that option it works :D
10:18 vfernandes MySQL documentation : "If a value could not be inserted as given into a transactional table, abort the statement. For a nontransactional table, abort the statement if the value occurs in a single-row statement or the first row of a multiple-row statement. More details are given later in this section."
10:16 vfernandes STRICT_TRANS_TABLES
10:15 drojf do you mean it has to be NULL, not ''?
10:13 vfernandes MySQL doesn't have an option to controll empty values?
10:12 vfernandes I think I know what it is...
10:11 vfernandes $input->param("enrolmentperioddate") = '' if enrolmentperioddate is not filled
10:10 vfernandes looking at the code I don't see where the problem is
10:10 pastebot "vfernandes" at 127.0.0.1 pasted "Code of categories.pl" (33 lines) at http://paste.koha-community.org/162
10:07 drojf i have the same. it is an upgraded installation (from 3.18) though
10:06 vfernandes debian 7, perl 5.14.2
10:05 vfernandes could be something related to SO version or Perl version?
10:05 drojf can't reproduce
10:04 vfernandes i've tried on Firefox and Chrome
10:04 vfernandes "An error occurred when inserting this patron category. The patron category might already exist." this is the error on the interface
10:03 vfernandes english version
10:03 drojf oh you said english templates, sorry
10:02 drojf vfernandes: do you try it in the english version or translated?
09:57 cait heya rangi
09:56 rangi and on one upgraded from 3.20.0
09:56 rangi on a fresh install
09:56 rangi i cant reproduce either
09:54 cait worht noting it's a fresh installation
09:54 cait vfernandes: maybe best to file a bug report
09:49 vfernandes I don't know... this is the first time I've installed a version up than 3.16
09:48 cait wonder if it could be a difference between updated/new installation
09:46 cait hm
09:45 vfernandes fresh install
09:45 vfernandes english templates
09:45 cait translated templates or english templates?
09:45 cait did you just update?
09:44 vfernandes but I get the following error in the logs : DBD::mysql::st execute failed: Incorrect date value: '' for column 'enrolmentperioddate' at row 1 at /KEEPS/koha/intranet/cgi-bin/admin/categorie.pl
09:44 cait magnuse: but works for you?
09:44 cait hm yeah that shoudl work
09:44 vfernandes i'm adding a categorie with a defined period time of 12 months (for example)
09:43 cait .... when adding categories
09:43 cait ah sorry, missed that
09:43 cait vfernandes: what are you doing to trigger the errror?
09:39 vfernandes the enrolmentperiod and enrolmentperioddate can be NULL in the database
09:38 vfernandes if I fill the enrolmentperioddate : DBD::mysql::st execute failed: Incorrect integer value: '' for column 'enrolmentperiod' at row 1 at /KEEPS/koha/intranet/cgi-bin/admin/categorie.pl
09:38 magnuse vfernandes: i can't reproduce...
09:35 vfernandes when adding categories : DBD::mysql::st execute failed: Incorrect date value: '' for column 'enrolmentperioddate' at row 1 at /KEEPS/koha/intranet/cgi-bin/admin/categorie.pl
09:35 vfernandes problem in Koha 3.20.1
09:35 vfernandes hi guys
09:26 ashimema basically.. they just allow one to plug on routine to do the actual authentication and authorization.. but they give a nice framework for holding it all together
09:26 kivilahtio ashimema: lucky me I already had to go to significatn depths on how Mojolicious works to make logging work and extend pluginss
09:26 ashimema I've used the authentication one as an inspiration for writing my own.. and I use the Authorization one out of the box ;)
09:26 kivilahtio ashimema: thanks, I'll take a look
09:25 ashimema I'm reasonably confident they could be used for inspiration ;)
09:25 ashimema I really like the way https://metacpan.org/pod/Mojolicious::Plugin::Authentication and https://metacpan.org/pod/Mojolicious::Plugin::Authorization are laid out
09:21 * magnuse cheers kivilahtio on
09:21 kivilahtio I'll make it better today, I got some nice ideas this weekend I am eager to put into practice
09:20 ashimema all good
09:20 kivilahtio sorry, need to review a press release :)
09:20 kivilahtio see the _check_version for ex.
09:20 kivilahtio ashimema: my modifications ai to be 100% backwards compatible. So we can rewrite portions in steps
09:19 matts yep, and be able to define an order would be nice
09:19 ashimema etc. etc
09:19 ashimema Try LDAP, Never fallback to Local..
09:19 ashimema Try CAS, then LDAP, then Local..
09:19 ashimema woudl be better to be able to make this explicit..
09:18 ashimema so.. at the moment.. koha says.. 'if CAS enabled try CAS, if LDAP enabled, try LDAP, try Loca..
09:18 ashimema I'd like a fallback path written into a re-write too..
09:17 ashimema if one needs a particular permissions.. then a check_perm($permission) should be the definative call (and it may well call check_auth internally as the first step ;) )
09:16 ashimema if one just needs auth.. then check_auth should be the one way to get it..
09:15 ashimema i.e.
09:15 ashimema that would actually be far better factored out.
09:15 ashimema your last step.. Check if haspermission..
09:14 ashimema set_userenv is non-restful.. though I actually have no issue with using such caches.. they just need to be transparent from the client.
09:11 ashimema with a simple yes/no as the response
09:11 ashimema kivi.. what you likely need for a central auth module is a sub 'authenticate' which accepts username:password:other_hashref
09:11 cait ok
09:09 ashimema is x authenticated? yes/no
09:09 ashimema there are standard pam modules for all sorts of things.. and basically the api is as simple as..
09:09 kivilahtio "convetion over configuration"
09:08 kivilahtio but the Idea is to have authentication subroutines, but they wont need configuring :)
09:08 ashimema basically cait, pam is a standardised API that apps in linux can hand off to for authentication..
09:08 kivilahtio well I have no clue how to use it and I am not going to replicate it for Koha
09:08 ashimema lol..
09:08 kivilahtio I hate linux PAM
09:08 ashimema Linux Pluggable Authentication Modules
09:08 kivilahtio ashimema: nope
09:07 cait PAM?
09:07 ashimema ooh.. are you a PAM man?
09:07 kivilahtio PAM for Koha :)
09:07 kivilahtio its very interesting :)
09:07 kivilahtio well I'll just keep working on it
09:06 ashimema right.. back to auth..
09:06 kivilahtio every request needig auth
09:06 ashimema it sends auth details with every request.
09:06 ashimema So.. in effect SIP is jsut RESTful in nature..
09:06 ashimema :)
09:05 ashimema temporary variale that are only setup for a shorter period of time.
09:05 kivilahtio ashimema: thanks for clairification ,we agreee
09:05 ashimema they're onyl not restfull if you store stuff like search history in them..
09:05 kivilahtio not sure if we agree or disagree
09:05 ashimema cookies.. get sent with every request.. thus.. they are sending all authentication detail with every request.. thus they are prefectly restful
09:04 kivilahtio it doesn't make it any more non-REST
09:04 ashimema and in fact.. anyone that tells you cookies means this isn't the case doesn't understand this stuff either ;)
09:04 kivilahtio so normal Koha-users can benefit from it
09:04 kivilahtio ashimema: yes I understand, but we need to support the CGISESSID as well
09:04 ashimema auth with every request..
09:04 ashimema that's exactly what REST is all about too kivi
09:04 kivilahtio so we get the authentication information on each message that reasonably needs authentication
09:03 kivilahtio the sip speficiation claims that each message can be a stand-alon message
09:03 ashimema why persist it ;)
09:03 kivilahtio atleast it doesnt persist the authentication
09:03 kivilahtio cait: I dont think it really authenticates :)
09:02 cait the way SIP does authenticate is nto very clean right now... i got a bug for that somewhere
09:01 cait are the ones that come to mind
09:01 cait native Koha, CAS, LDAP, Shibboleth - also SIP, ILS-DI, svc
09:01 cait kivilahtio: thinking of apis....
09:00 matts Okay, will look at it !
08:59 kivilahtio matts: there is a gdoc link for my spec and some WIP commit for people to see where this is heading
08:59 huginn` 04Bug 7174: enhancement, P5 - low, ---, paul.poulain, NEW , Authentication rewriting
08:59 kivilahtio http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7174
08:59 kivilahtio matts: It is a critical part of the REST API development to get a sane authentication framework for all the various ways of authenticating to Koha
08:58 ashimema matts, would be really good to get your input too ;)
08:58 matts kivilahtio, sure, where is it ?
08:58 ashimema I'll dip in as often as I can to comment..
08:58 kivilahtio matts: it is stil WIP but I need people to support it so we have any hope of getting it pushed
08:58 ashimema I'd say go for it kivi..
08:58 kivilahtio matts: want to review my work?
08:58 matts that's nice to hear :)
08:58 kivilahtio ashimema: I understand
08:58 kivilahtio matts: working on it
08:58 matts We miss a modular auth stack in koha
08:58 ashimema I have sic months worth of back log for paying customers here at the minute :(
08:57 kivilahtio but if we could agree on a datetime for a review, that would be aswesome
08:57 ashimema at the minute. I can't easily judge..
08:57 ashimema there's more persona stuff in some files in /opac/svc
08:57 kivilahtio I will work on it more now
08:57 kivilahtio ashimema: you still didnt tell me when you have time to take a look at the rewrite?
08:57 ashimema yeah.. Auth is a mess ;)
08:57 kivilahtio ok
08:57 cait https://www.mozilla.org/en-US/persona/about/
08:57 ashimema it's not CAS..
08:56 ashimema nah.. that's just because the varialbe are all messed up and re-used all over the shop ;)
08:56 ashimema it sends a 'special token' which koha then binds on
08:56 kivilahtio in C4::Auth there is only one check for PT-parameter in context of Persona, and the PT leads to CAS
08:56 ashimema Firefox acts as your identity keeper..
08:55 ashimema persona is a firefox thing
08:55 cait todally different
08:55 cait no
08:55 cait it probably still workds tho
08:55 kivilahtio I thought Persona was part of CAS
08:55 ashimema along with local auth over BASIC or Params
08:55 cait i think persona is dead kind of
08:55 ashimema there is also Persona and APK support in koha..
08:55 kivilahtio CAS only want a PT-http parameter
08:55 ashimema but matts would be able to better comment
08:55 ashimema I 'think' CAS is also SSO..
08:54 ashimema SLO - Single Log On (i.e sign in to each app individually, but using the same set of credentials each time)
08:54 ashimema SSO = Single Sign On (i.e sign in once on one app, be signed into all other apps at the same time)
08:54 kivilahtio single-sign on vs single log on
08:54 cait so that would be the main difference i guess
08:54 kivilahtio ?
08:54 cait aah
08:54 kivilahtio single log on
08:54 cait slo?
08:54 ashimema Shibboleth is SSO.. LDAP is SLO
08:53 ashimema yup..
08:53 cait also for accessing electronic ressources
08:53 magnuse http://perldoc.koha-community.org/C4/Auth_with_ldap.html
08:53 cait shibboleth is very common here - to build single sign on solutions
08:53 ashimema C4::Auth_with_ldap kivi
08:53 kivilahtio ashimema: when can you take a look at the authentication rewrite?
08:53 cait only the ldap does that so far -ashimema has patches for it to happen with shib too
08:53 cait yep
08:53 cait i think in the ldap module
08:52 kivilahtio mm, mybe it is on C4::Auth_LDAP
08:52 cait maybe because it happens elsewher? :)
08:52 kivilahtio really? I haven't seen that in C4::Auth?
08:52 cait also updating the user everytime they authenticate
08:52 cait it's just an optional feature
08:52 cait already
08:52 cait kivilahtio: we do
08:51 kivilahtio cait: I think in Koha we could easily add a borrower from the information LDAP returns
08:51 ashimema I think it sort of sits in the middle of those two methods
08:51 cait with shib you can authenticate at the... campus portal and then you are automatically logged into koha as well - can you do that kind of thing with ldap?
08:51 ashimema CAS i'm not 100% sure how it works..
08:51 cait ashimema: hm differences between ldap and shib...
08:50 ashimema but if your relying upon ldap to populate your users, then that will only happen at first login
08:50 magnuse gotcha
08:50 cait if you do the 'create users via ldap' thing
08:49 cait then they can chek out
08:49 ashimema if those user account are already in the koha end they can...
08:49 cait magnuse: you'd tell them to go log into the opac once
08:49 ashimema sorry..
08:49 magnuse cait, ashimema: oh
08:49 ashimema but that's an enhancement I'd love to do..
08:49 ashimema right now magnuse, no..
08:49 cait magnuse: not yet, but i think there is apatch lingering somewhere in koha
08:49 ashimema similarly to ldap, the shibboleth secret handshake can include lots of extra details from which you can build a koha user from/update an existing user from.
08:48 magnuse how does ldap work if the user has never signed into koha, but comes to check out a book? can koha then get the patron data without the user's password?
08:48 ashimema Shibboleth: Koha asks browser 'Do we have a logged in user?', Browser replies with yes or no, if no then user can ask to authenticate, koha says 'OK, go over there and authenticate, then bring me back a secret handshake'. (So, the big thing here is koha NEVER see's the users username and password).
08:47 kivilahtio yup
08:47 ashimema LDAP... User inputs username & password into KOHA.. koha then sends these to ldap server and asks "Are they OK?", LDAP then replies with OK and other details if configured to give those (from which you can build new users, update existing users)
08:46 kivilahtio ok
08:45 ashimema it's the order in which the calls happen which is important.
08:45 ashimema OK.. they're all authentication systems (which can double up as authorization handlers)
08:44 kivilahtio ashimema: And If I was to implement a single sign on system for our Issue tracker and Koha librarians, which method would you recommend?
08:44 ashimema it will all ask what their password is.. then compare it to what they gave you
08:44 ashimema it'll then perform an ldap search to find the user that's trying to login.. (i.e samaccountname)..
08:44 kivilahtio apparently LDAP and Shibboleth are pretty muc hthe same?
08:43 kivilahtio ashimema: speaking of LDAP, can you tell me in two sentences what is the difference between LDAP and CAS and Shibboleth?
08:43 ashimema koha will attempt to login to the ldap server with your 'service user', (as per the username and password contained within the <user></user><pass></pass> block
08:43 cait fred_pt ^^
08:42 ashimema So.. in your current flow..
08:42 ashimema or at least that's my understanding
08:41 ashimema with auth_by_bind turned off, instead koha asks for the password and then does the comparision our side
08:41 ashimema not many ldap directories will allow the password to leak out.. so bind mean you send them username + password to the ldap and letting it 'bind' for you..
08:39 ashimema ooh.. you probably want auth_by_bind.. I've hardly ever seen that set to '0'
08:38 ashimema sorry.. I missed the paste there... just reading it now
08:38 ashimema oops..
08:04 huginn` kivilahtio: The operation succeeded.
08:04 kivilahtio @later tell pianohacker. I think I made a translation mistake in my head. When I said my work, I meant my job ... :)
08:04 * magnuse will have to set up ldap soon, so is all ears
07:53 cait i am just guessing around - you better listen to ashimema :)
07:52 fred_pt i'm kind of new to this ldap thing so i may give stupid awsers :) and i just need to have the users from windows domain to authenticate to koha interface
07:52 cait hm wondering, do you need to match password?
07:51 pastebot "fred_pt" at 127.0.0.1 pasted "LDAP config" (24 lines) at http://paste.koha-community.org/161
07:48 ashimema obviosly *** out anything personal ;)
07:48 ashimema http://paste.koha-community.org/
07:48 ashimema whats your config look lke?
07:44 cait might be worth trying the mailing list
07:44 cait i have never set up ldap myself - so not much help here
07:43 cait hm i think the second looks more promising - maybe then it finds the user name but just the passwords are not matching?
07:42 fred_pt I have koha working wonderful just miss this step to "sell" it to my company for our new library...
07:42 fred_pt also i get this second line in the log: The request referenced an attribute that does not exist
07:40 fred_pt in ldap the "name" is "Frederico Almeida" but sAMAccountName is "falmeida"
07:39 fred_pt but looking at this awser it seems it can't find the password to match against or i see this wrong?
07:38 fred_pt if i try falmeida i get: opac-user.pl: LDAP Auth rejected : invalid password for user 'falmeida'. LDAP error #16: LDAP_NO_SUCH_ATTRIBUTE
07:38 fred_pt i tried several ways but the proper one should be "falmeida" as this is the pc login username
07:36 cait um maybe somethin in your mapping? is the name with the space the user login?
07:33 fred_pt does this means that i was able to log into windows ldap and it didn't find the user i tried to login with?
07:32 fred_pt LDAP Auth rejected : (sAMAccountName=frederico almeida) gets 0 hits, referer: http://trvlib.library.trivago.trv/cgi-bin/koha/opac-user.pl
07:31 fred_pt so i think i am missing something between the query i make and the fields in ldap server?
07:30 cait morning ashimema :)
07:30 ashimema well done fred_pt
07:29 fred_pt after having a better look into it i found the log i was looking for: opac-user.pl: LDAP Auth rejected : invalid password for user 'falmeida'. LDAP error #16: LDAP_NO_SUCH_ATTRIBUTE
07:29 fred_pt ok
07:26 gaetan_B hello
07:25 cait do you know wher your koha logs are?
07:25 cait error messages might show up in the usual logs
07:23 fred_pt i need to find out why my ldap connection is not working between koha and windows server
07:23 cait fred_pt: what kind of information are you looking for?
07:22 fred_pt Does the ldap in koha writes to any log file?
07:22 cait hi marcelr :)
07:19 marcelr hi #koha
07:15 cait morning #koha
07:12 * dcook waves and peaces out for the night
07:11 fred_pt now you got me - just found i have a shell.... let's try to use it...
07:09 drojf have you tried doing it in koha-shell? (if you are on a package installation)
07:09 fred_pt i am trying to put the ldap connection between koha and windows domain controller - it works with serachldap but not with koha
07:08 drojf fred_pt: don't know what yoiu are doing, but that looks like missing environment variables
07:08 huginn` AmitG: 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6810 enhancement, P4, ---, amitddng135, Needs Signoff , Send membership expiry reminder notices
07:08 AmitG @bug 6810
07:08 AmitG can you please check
07:07 alex_a AmitG: yep
07:07 AmitG alex_a around?
07:05 fred_pt opac-user.pl userid=***** password=****** it returns Can't locate C4/Auth.pm in @INC (you may need to install the C4::Auth module) anyone knows what is this error?
07:04 drojf morning
07:02 fred_pt This ldap thing is killing my last 2 mornings... :(
07:01 wahanui the only good morning is a dead one
07:01 fred_pt Good morning
06:59 wahanui niihau, alex_a
06:59 alex_a bonjour
06:56 fred_pt Oh and the windows server doesn't accept anonymous bind.
06:54 fred_pt *post
06:54 fred_pt Can i poaste here the config i have in koha-conf.xml?
06:53 fred_pt Ok now responding to your questions: koha version 3.14.16 - the documentation was the official one on koha site and ldap with bind.
06:51 fred_pt If i try to use opac-user.pl to test like: opac-user.pl userid=***** password=****** it returns Can't locate C4/Auth.pm in @INC (you may need to install the C4::Auth module)
06:51 ashimema are you doing auth by bind?
06:50 ashimema and what documentation have you followed thus far..
06:50 ashimema What Koha version are you using..
06:49 fred_pt Thanks!
06:49 fred_pt Is anyone able to give me a help on this please?
06:49 fred_pt I have searched for documentation, tried several ways and if i use a tool like ldapsearch i can connect and read the user data, within koha it always fails either by saying no results returned or by saying logon error.
06:47 fred_pt I need to be able to read the domain accounts as we have +800 users and growing fast.
06:47 wahanui bonjour, reiveune
06:47 reiveune hello
06:47 fred_pt My problem is really the ldap link to my domain controller. I have spent a few hours trying to solve this but no luck,
06:46 fred_pt Thanks for the kind reply
06:45 ashimema (though it's breakfast time for me.. so I'm about to head offline for a bit for that ;) )
06:45 ashimema ask away.. someone is likely to try and answer
06:44 fridolin hie
06:44 fred_pt Good morning everyone! Can someone please spare some minutes helping me resolve a problem with my current Koha server?
06:43 huginn` ashimema: The current temperature in Monkswood, Stevenage, United Kingdom is 15.2°C (7:43 AM BST on June 29, 2015). Conditions: Clear. Humidity: 85%. Dew Point: 13.0°C. Pressure: 30.15 in 1021 hPa (Steady).
06:43 ashimema @wunder stevenage, uk
06:43 huginn` ashimema: The current temperature in Monkswood, Stevenage, United Kingdom is 15.2°C (7:42 AM BST on June 29, 2015). Conditions: Clear. Humidity: 85%. Dew Point: 13.0°C. Pressure: 30.15 in 1021 hPa (Steady).
06:43 ashimema @wunder stevenage, il
06:03 dcook :(
06:02 magnuse nope, something failed this year, so far...
06:01 * dcook isn't sure that Bodo has figured out it's summer yet though
06:01 dcook I think we only have 2 more months of winter here...
06:01 dcook I wonder that too
06:01 huginn` dcook: The current temperature in Sydney, New South Wales is 18.0°C (3:30 PM AEST on June 29, 2015). Conditions: Scattered Clouds. Humidity: 56%. Dew Point: 9.0°C. Pressure: 30.39 in 1029 hPa (Steady).
06:01 dcook @wunder syd
06:01 huginn` magnuse: The current temperature in Bodo, Norway is 9.0°C (7:50 AM CEST on June 29, 2015). Conditions: Scattered Clouds. Humidity: 76%. Dew Point: 5.0°C. Pressure: 29.92 in 1013 hPa (Steady).
06:01 magnuse @wunder boo
06:01 * magnuse wonders how we already got to the 29th
05:55 dcook Feels like a long day :p
05:54 dcook Oh, I don't mind
05:53 * magnuse hates to be the bringer of bad news
05:52 magnuse guess it is
05:52 * magnuse waves back
05:51 * dac waves to magnuse
05:51 dac Is it already that time of day?
05:51 * magnuse waves
05:00 * dcook looks forward to the day when Koha ships with Plack by default
03:28 AmitG hi all
01:12 wizzyrea (though I'll probably have something that kind of maybe says what to do in the next day or so.)
01:11 * dcook thumbs up
01:11 huginn` wizzyrea: The operation succeeded.
01:11 wizzyrea @later tell nengard documentation suggestion: write down what to do if you make a mistake receiving serials. :)
00:42 wizzyrea valid point
00:38 dcook Hmm, could be. Might need to do something with the items too if it was made automatically?
00:38 wizzyrea I feel like you just change the status back to "expected"
00:38 wizzyrea ...I just realised that I don't know how one "un-receives" a serial.
00:34 dcook ^_^
00:34 wizzyrea lulz.
00:34 wizzyrea many lulx.
00:33 huginn` dcook: The operation succeeded.
00:33 dcook @later tell eythian But it was the same sentiment!
00:32 huginn` eythian: The operation succeeded.
00:32 eythian @later tell dcook it did
00:32 dcook Hmm that looked generic...
00:32 huginn` dcook: The operation succeeded.
00:32 dcook @later tell pianohacker thanks :)
00:32 huginn` dcook: The operation succeeded.
00:32 dcook @later tell tcohen thanks :)
00:31 dcook O_O
00:30 eythian https://twitter.com/rpy/status/615044896123031552
00:25 wizzyrea hi