| Time |
S |
Nick |
Message |
| 00:03 |
|
|
Francesca joined #koha |
| 00:32 |
|
|
caboose--afk joined #koha |
| 00:37 |
|
|
caboose--afk joined #koha |
| 00:40 |
|
|
caboose--afk joined #koha |
| 01:04 |
|
|
caboose-designing joined #koha |
| 02:02 |
|
|
Francesca joined #koha |
| 02:34 |
|
|
Francesca joined #koha |
| 02:46 |
|
|
Francesca joined #koha |
| 05:02 |
|
|
cait joined #koha |
| 06:05 |
|
|
LibraryClaire joined #koha |
| 06:15 |
|
|
drojf joined #koha |
| 06:15 |
|
drojf |
morning #koha |
| 06:19 |
|
|
sameee joined #koha |
| 06:19 |
|
|
sameeenz joined #koha |
| 06:24 |
|
cait |
morning drojf |
| 06:24 |
|
drojf |
hi cait |
| 06:24 |
|
cait |
LibraryClaire: could you take a look at the pref description and pref name on bug 8010? native speaker required :) |
| 06:24 |
|
huginn` |
Bug http://bugs.koha-community.org[…]w_bug.cgi?id=8010 major, P1 - high, ---, baptiste.wojtkowski, Pushed to Master , Search history can be added to the wrong patron |
| 06:29 |
|
drojf |
@wunder txl |
| 06:29 |
|
huginn` |
drojf: Error: No such location could be found. |
| 06:29 |
|
drojf |
@wunder berlin, germany |
| 06:29 |
|
huginn` |
drojf: Error: No such location could be found. |
| 06:29 |
|
drojf |
:( |
| 06:30 |
|
|
fridolin joined #koha |
| 06:30 |
|
fridolin |
hie there |
| 06:30 |
|
|
ShannonP joined #koha |
| 06:30 |
|
drojf |
hi fridolin |
| 06:33 |
|
fridolin |
drojf: hello, how are u ? |
| 06:33 |
|
* fridolin |
morning coffee |
| 06:33 |
|
drojf |
fridolin: fine, and you? |
| 06:33 |
|
|
alex_a joined #koha |
| 06:33 |
|
fridolin |
never strong enought |
| 06:33 |
|
drojf |
coffee for me too please! |
| 06:33 |
|
fridolin |
sugar ? |
| 06:33 |
|
wahanui |
it has been said that sugar is yummy :) |
| 06:33 |
|
alex_a |
bonjour |
| 06:34 |
|
drojf |
no sugar please |
| 06:34 |
|
drojf |
just black goodness |
| 06:42 |
|
|
reiveune joined #koha |
| 06:43 |
|
reiveune |
hello |
| 06:45 |
|
|
AndrewIsh joined #koha |
| 06:54 |
|
|
paul_p joined #koha |
| 07:03 |
|
|
laurence joined #koha |
| 07:16 |
|
|
baptiste joined #koha |
| 07:39 |
|
|
sophie_m joined #koha |
| 07:39 |
|
sophie_m |
hello #koha |
| 07:42 |
|
|
alex_a joined #koha |
| 07:44 |
|
sameee |
hi sophie_m |
| 07:45 |
|
* sameee |
waves |
| 07:48 |
|
|
cait joined #koha |
| 07:51 |
|
sameee |
wunder wellington |
| 07:57 |
|
cait |
morning #koha |
| 07:57 |
|
cait |
@wunder Konstanz |
| 07:57 |
|
huginn` |
cait: Error: No such location could be found. |
| 07:57 |
|
cait |
it appears to be broken atm |
| 08:03 |
|
* magnuse |
waves |
| 08:04 |
|
|
alex_a joined #koha |
| 08:14 |
|
sameee |
rip wunder |
| 08:14 |
|
sameee |
:'( |
| 08:20 |
|
|
sameeenz joined #koha |
| 08:34 |
|
|
alex_a joined #koha |
| 09:27 |
|
|
mveron joined #koha |
| 09:27 |
|
mveron |
Hi #koha |
| 09:27 |
|
mveron |
@wunder Basel |
| 09:27 |
|
huginn` |
mveron: Error: No such location could be found. |
| 09:28 |
|
mveron |
@wunder Allschwil |
| 09:28 |
|
huginn` |
mveron: Error: No such location could be found. |
| 09:28 |
|
eythian |
hi |
| 09:28 |
|
wahanui |
hola, eythian |
| 09:29 |
|
* mveron |
waves |
| 09:35 |
|
* LibraryClaire |
waves |
| 09:37 |
|
* eythian |
makes waves |
| 09:38 |
|
* magnuse |
plays in the waves |
| 09:40 |
|
* mveron |
swims |
| 09:42 |
|
* cait |
shakes her head |
| 09:42 |
|
* LibraryClaire |
sends in eels |
| 09:42 |
|
cait |
mean |
| 09:43 |
|
* cait |
sends in the kraken |
| 09:43 |
|
* LibraryClaire |
leaves |
| 09:48 |
|
* magnuse |
hopes the eels are smoked |
| 09:49 |
|
cait |
lol |
| 10:05 |
|
|
kmlussier joined #koha |
| 10:05 |
|
|
Francesca joined #koha |
| 10:24 |
|
|
alex_a_ joined #koha |
| 10:45 |
|
|
yyy joined #koha |
| 10:46 |
|
yyy |
i am trying to add one journal in serials and acquisitions but when i try to add it in acquisitions it says "cannot be ordered" what could be the problem |
| 10:46 |
|
yyy |
where is this to sort out |
| 10:46 |
|
yyy |
ISSNTitleNotes VendorLibraryCall numberExpiration date 0366-7022 Chemistry Letters Allied Publishers Subscription Agency 31/12/2017 Cannot be ordered |
| 11:17 |
|
mtj |
yyy: are you running a recent version of Koha? |
| 11:18 |
|
yyy |
yes |
| 11:18 |
|
yyy |
i found the mistake |
| 11:18 |
|
yyy |
how to correct all wrongly entered vendors |
| 11:18 |
|
yyy |
i had one vendor added with s and one not added with s and it was wrongly selected |
| 11:19 |
|
yyy |
though i deleted from acquisitions still same vendor is there in serials |
| 11:19 |
|
yyy |
so it picked up in serials that vendor |
| 11:19 |
|
yyy |
and it was not there in acquisitions |
| 11:22 |
|
mtj |
hmm, could be a bug? |
| 11:24 |
|
yyy |
acquisitions and serial control need to be improved. i was struggling to add ejournal in serials and acquisitions |
| 11:24 |
|
mtj |
yyy: you could describe your problem in more detail at -> http://bugs.koha-community.org |
| 11:24 |
|
mtj |
agreed |
| 11:24 |
|
|
alex_a joined #koha |
| 11:42 |
|
|
oleonard joined #koha |
| 11:49 |
|
|
caboose joined #koha |
| 11:52 |
|
oleonard |
Hi all |
| 11:52 |
|
eythian |
hi oleopard |
| 12:05 |
|
|
francharb joined #koha |
| 12:09 |
|
|
kellym joined #koha |
| 12:10 |
|
francharb |
Good morning #koha |
| 12:20 |
|
|
marcelr joined #koha |
| 12:20 |
|
marcelr |
hi #koha |
| 12:23 |
|
eythian |
hi marcelr |
| 12:23 |
|
marcelr |
goedemiddag |
| 12:23 |
|
eythian |
https://www.citylab.com/design[…]ps-photos/521508/ <-- marcelr, this is particularly interesting, especially the videos |
| 12:24 |
|
marcelr |
404 ? |
| 12:24 |
|
wahanui |
i think 404 is not found |
| 12:25 |
|
eythian |
works for me when I click on the link |
| 12:25 |
|
marcelr |
funny |
| 12:25 |
|
marcelr |
i will try another browser |
| 12:25 |
|
|
alex_a joined #koha |
| 12:26 |
|
marcelr |
yeah see it now |
| 12:32 |
|
* kidclamp |
waves |
| 12:32 |
|
jcamins |
oleonard: is that your Dúnedain name? |
| 12:32 |
|
marcelr |
hi kidclamp |
| 12:32 |
|
marcelr |
and jcamins |
| 12:32 |
|
wahanui |
jcamins is too young to be the President of the United States. Which is a pity, because he had the votes at the 3.12 election. |
| 12:33 |
|
marcelr |
:) |
| 12:33 |
|
oleonard |
I don't know jcamins I was just doing what the cool kids were doing. |
| 12:33 |
|
marcelr |
still too young? |
| 12:38 |
|
jcamins |
marcelr: yep. |
| 12:38 |
|
|
nengard joined #koha |
| 12:39 |
|
marcelr |
np |
| 12:39 |
|
oleonard |
Yeah everyone knows the legal age for being president is 70. |
| 12:39 |
|
marcelr |
at least |
| 12:40 |
|
oleonard |
But it's like U.S. copyright, they keep raising it so that Mickey Mouse can be president. |
| 12:40 |
|
marcelr |
thought he was :) |
| 12:40 |
|
oleonard |
Yeah I wish. Donald Duck as Secretary of Defense would be an improvement. |
| 13:02 |
|
|
meliss joined #koha |
| 13:04 |
|
|
NateC joined #koha |
| 13:16 |
|
|
JoshB joined #koha |
| 13:32 |
|
|
talljoy joined #koha |
| 13:43 |
|
|
kholt joined #koha |
| 13:45 |
|
|
mveron-away joined #koha |
| 13:46 |
|
|
jzairo joined #koha |
| 14:04 |
|
|
JoshB joined #koha |
| 14:12 |
|
|
talljoy joined #koha |
| 14:14 |
|
|
francharb joined #koha |
| 14:22 |
|
|
tcohen joined #koha |
| 14:23 |
|
barton |
tcohen, I found an issue with HoldsLog: bug 18382 -- the log for the action 'suspend' is dumping an entire DateTime object into ActionLogs. |
| 14:23 |
|
huginn` |
Bug http://bugs.koha-community.org[…]_bug.cgi?id=18382 enhancement, P5 - low, ---, koha-bugs, NEW , action_logs entry for module HOLDS, action SUSPEND is spammy |
| 14:26 |
|
tcohen |
barton: (y) |
| 14:26 |
|
barton |
tcohen: (noooooooooooooooooooooooooo!) ;-) |
| 14:27 |
|
tcohen |
? |
| 14:27 |
|
tcohen |
too many logs? he |
| 14:27 |
|
barton |
oh, I assumed that (y) was for yes... |
| 14:28 |
|
barton |
tcohen: a single log entry contains hundreds of lines that look like this: bless( {'spans' => [['-inf','59418043200','-inf','59418014822',-28378,0,'LMT'],['59418043200','60502413600','59418014400','60502384800',-28800,0,'PST'],['60502413600','60520554000','60502388400','60520528800',-25200,1,'PDT'],['60520554000','60533863200','60520525200','60533834400',-28800,0,'PST'], |
| 14:30 |
|
tcohen |
barton: it looks like that's tz info, right? |
| 14:30 |
|
barton |
tcohen: yeah. |
| 14:32 |
|
barton |
... there's the full locale in there, including tz. |
| 14:33 |
|
barton |
I wonder if there's a way to recursively 'unbless' the object when you're dumping it. |
| 14:33 |
|
* oleonard |
waves to tcohen and barton while contributing nothing to the conversation |
| 14:33 |
|
|
TGoat joined #koha |
| 14:34 |
|
barton |
hi oleonard! |
| 14:34 |
|
wahanui |
hi olé onard |
| 14:35 |
|
cait |
Joubu++ |
| 14:40 |
|
mveron |
Great mail about helping Koha, Joubu! |
| 14:40 |
|
mveron |
Joubu++ |
| 14:42 |
|
|
LibraryClaire left #koha |
| 14:42 |
|
mveron |
A dign-off a day keeps Koha on it's way |
| 14:42 |
|
mveron |
sign-off :-) |
| 14:42 |
|
* mveron |
should put his glasses... |
| 14:45 |
|
barton |
Joubu++ |
| 14:48 |
|
* mveron |
will be back later |
| 14:56 |
|
|
francharb joined #koha |
| 15:10 |
|
|
jac joined #koha |
| 15:13 |
|
|
jbeno joined #koha |
| 15:14 |
|
|
laurence left #koha |
| 16:08 |
|
cait |
Joubu++ great email |
| 16:23 |
|
|
LibraryClaire joined #koha |
| 16:29 |
|
|
mveron joined #koha |
| 16:32 |
|
|
mveron joined #koha |
| 16:33 |
|
mveron |
Hi agein #koha |
| 16:33 |
|
mveron |
again :-) |
| 16:33 |
|
* mveron |
should put his glasses... |
| 16:34 |
|
mveron |
I help a small library to troubleshoot a Zebra problem. Zebra stops every two or three days. |
| 16:34 |
|
mveron |
Can anyone give me a pointer on where to start? |
| 16:35 |
|
|
TGoat joined #koha |
| 16:37 |
|
mveron |
OK, they will try later... |
| 16:38 |
|
mveron |
@wunder Basel |
| 16:38 |
|
huginn` |
mveron: Error: No such location could be found. |
| 16:58 |
|
|
rocio joined #koha |
| 17:03 |
|
|
fridolin left #koha |
| 17:13 |
|
|
nengard joined #koha |
| 17:15 |
|
|
cait left #koha |
| 17:31 |
|
Joubu |
Hola! |
| 17:38 |
|
|
cait joined #koha |
| 18:15 |
|
|
TGoat left #koha |
| 18:32 |
|
|
bjowens01 joined #koha |
| 19:04 |
|
|
talljoy_afk joined #koha |
| 19:44 |
|
|
kholt joined #koha |
| 19:48 |
|
|
kholt joined #koha |
| 20:11 |
|
espen___ |
hello there |
| 20:11 |
|
espen___ |
thanks for all your help a couple of weeks back |
| 20:12 |
|
espen___ |
I'm now moving on to OPAC authentication and need some more help |
| 20:12 |
|
|
jac joined #koha |
| 20:13 |
|
espen___ |
of the troubleshooting kind |
| 20:14 |
|
espen___ |
I can tap into shibboleth infrastructure but have hit something which I don't think is specifically a shibboleth issue and looking for suggestions |
| 20:16 |
|
Joubu |
espen___: there is a known issue under plack, see bug 17776 |
| 20:16 |
|
huginn` |
Bug http://bugs.koha-community.org[…]_bug.cgi?id=17776 normal, P5 - low, ---, gmcharlt, Needs Signoff , Shibboleth Authentication is broken in plack |
| 20:16 |
|
espen___ |
thanks |
| 20:17 |
|
espen___ |
I might look at that in more detail, but at the moment my issue is rather more basic: |
| 20:18 |
|
espen___ |
I've enabled shibboleth, which has activated the section in Shibboleth Login section of "Login to your account", with the following text: |
| 20:18 |
|
espen___ |
If you have a Shibboleth account, please click here to login. |
| 20:19 |
|
espen___ |
Unfortunately the actual URL of the 'click here to login' link is: https://shibboleth.sso/Login?t[…]koha/opac-main.pl |
| 20:20 |
|
espen___ |
so, two problems: hostname is AWOL |
| 20:20 |
|
espen___ |
and it should be Shibboleth.sso (case sensitive) |
| 20:21 |
|
espen___ |
ie. I'm expecting: http://koha.dar.cam.ac.uk/Shib[…]koha/opac-main.pl |
| 20:21 |
|
espen___ |
(until I've got SSL sorted out) |
| 20:21 |
|
|
caboose joined #koha |
| 20:21 |
|
cait |
check opacbaseurl |
| 20:22 |
|
cait |
system preference |
| 20:22 |
|
wahanui |
hmmm... system preference is not the way to do it. |
| 20:22 |
|
cait |
or more search for *baseurl - there is one for staff too |
| 20:22 |
|
cait |
and you will have to set up more things from command line i think |
| 20:22 |
|
cait |
there is a page with some instructions on the wiki |
| 20:22 |
|
espen___ |
ok...that's not set. |
| 20:22 |
|
cait |
yep, def set that |
| 20:23 |
|
cait |
it will also give you links to the opac from detail pages in staff :) |
| 20:23 |
|
cait |
it's used for a few things |
| 20:23 |
|
espen___ |
didn't touch that since OPAC was otherwise working :-) |
| 20:24 |
|
espen___ |
curiously that has fixed both problems in one go! |
| 20:24 |
|
espen___ |
(ie. shibboleth.sso now becomes Shibboleth.sso) |
| 20:25 |
|
espen___ |
I'm not going to argue, but that was a surprise :-) |
| 20:25 |
|
cait |
;) |
| 20:26 |
|
espen___ |
unfortunately it assumes https still despite specifying http in the opacbaseurl |
| 20:26 |
|
espen___ |
which I can obviously fix by going to https....but.... |
| 20:27 |
|
cait |
shibboleth only works with https |
| 20:27 |
|
espen___ |
errr...no |
| 20:28 |
|
|
Francesca joined #koha |
| 20:28 |
|
espen___ |
it does it's shibboleth'ing over SSL, but can sit in front of a standard HTTP server if you want |
| 20:28 |
|
espen___ |
(been there; done that!) |
| 20:28 |
|
cait |
maybe |
| 20:29 |
|
cait |
i just remember i had to set it up for testing shibboleth when it was first introduced |
| 20:29 |
|
cait |
it might be specific to our implementation |
| 20:29 |
|
cait |
too late for the experts to be around |
| 20:29 |
|
espen___ |
the trend it definitely towards SSL where you can though |
| 20:29 |
|
cait |
you sohuld with koha anyway |
| 20:29 |
|
cait |
patron data and all |
| 20:30 |
|
cait |
we support let's encrypt if that is helpful |
| 20:30 |
|
espen___ |
which I'll probably do, even if it means YACR (Yet Another Certificate to Renew!) |
| 20:30 |
|
espen___ |
I shouldn't complain; we get them for free! |
| 20:30 |
|
cait |
it might do that somewhat automatically - i haven't taken a closer look |
| 20:30 |
|
cait |
if you use what is in Koha |
| 20:31 |
|
cait |
but i think it has to be set up with creating the instance |
| 20:31 |
|
cait |
atm |
| 20:31 |
|
espen___ |
I do note an inconsistency between OPACBaseURL and staffClientBaseURL though |
| 20:31 |
|
cait |
yeah |
| 20:31 |
|
cait |
protocol |
| 20:31 |
|
cait |
i am not sure, i think we added https:// to staff anyway |
| 20:31 |
|
espen___ |
yup |
| 20:31 |
|
cait |
i noticed recently too |
| 20:32 |
|
espen___ |
in this case it gets ignored for OPACBaseURL anyway! |
| 20:32 |
|
cait |
true, but might not be the case overall |
| 20:33 |
|
cait |
shibboleth specifically changes it to https i think, but other spots do not |
| 20:33 |
|
espen___ |
so it may, but it's a wrong assumption. |
| 20:33 |
|
cait |
you'd have to argue with someone else about that |
| 20:33 |
|
cait |
i am not an expert |
| 20:33 |
|
espen___ |
not that it matters to me in this case, but just so you are aware |
| 20:34 |
|
espen___ |
on another note, |
| 20:34 |
|
espen___ |
shibboleth may be overkill for this, so if I don't get the rest of it working (nothing to do with koha), what is the support for something more simple? |
| 20:35 |
|
rangi |
lol |
| 20:35 |
|
cait |
you can have local passwords |
| 20:35 |
|
espen___ |
what if I just wanted to use apache .htaccess control? |
| 20:35 |
|
cait |
you can use CAS |
| 20:35 |
|
rangi |
we shouldnt support non https at all imho |
| 20:35 |
|
rangi |
for anything |
| 20:35 |
|
* cait |
agrees |
| 20:35 |
|
rangi |
so its unlikely we will make things less secure :) |
| 20:35 |
|
cait |
openid, pki auth |
| 20:36 |
|
cait |
ldap |
| 20:36 |
|
cait |
but not .htaccess |
| 20:36 |
|
espen___ |
why not? |
| 20:36 |
|
espen___ |
should be fundamentally the same as shib I would think? |
| 20:37 |
|
cait |
maybe i got the wrong idea of it, but htat sounds quite different |
| 20:37 |
|
espen___ |
trust the web server to have authenticated the user, match remote user to koha user? |
| 20:37 |
|
rangi |
if you have local users |
| 20:37 |
|
rangi |
why not just use local passwords |
| 20:37 |
|
rangi |
why the added complication of 2 places to define users |
| 20:37 |
|
espen___ |
sure. all the users are 'local' I'm just not interested in storing their passwords |
| 20:38 |
|
cait |
and having them on a file on the server where noone can change their password or use password forget would be better? |
| 20:38 |
|
espen___ |
the users all have their passwords in an external webauth system |
| 20:38 |
|
cait |
koha saves passwords encrypted and salted |
| 20:38 |
|
espen___ |
this is an SSO scenario |
| 20:39 |
|
rangi |
wouldnt be SSO with htaccess |
| 20:39 |
|
rangi |
single password maybe |
| 20:39 |
|
cait |
only single log in i guess |
| 20:39 |
|
rangi |
but not single sign on |
| 20:39 |
|
rangi |
you'd still have to login twice |
| 20:39 |
|
espen___ |
SWSO? |
| 20:39 |
|
cait |
yeah that's what i meant |
| 20:39 |
|
cait |
? |
| 20:39 |
|
espen___ |
Singel Web Sign On if you like |
| 20:39 |
|
rangi |
if you want actually SSO, you want to use shibboleth, or SAM |
| 20:39 |
|
rangi |
: |
| 20:39 |
|
rangi |
L |
| 20:39 |
|
rangi |
still not even that |
| 20:39 |
|
wahanui |
not even that is cold :) |
| 20:39 |
|
cait |
or CAS |
| 20:40 |
|
rangi |
you'd have to sign on to both sites still |
| 20:40 |
|
espen___ |
not really |
| 20:40 |
|
espen___ |
the second site knows you're already signed in |
| 20:40 |
|
espen___ |
likewise for third etc |
| 20:40 |
|
rangi |
how |
| 20:41 |
|
rangi |
i mean you can do that securely, via mod_mellon and SAML, or via CAS, or shibboleth |
| 20:42 |
|
espen___ |
not that it really matters to this discussion, the point is: I can do this through apache modules and .htaccess settings, all I need to is koha to understand that's what's happening (ie. koha doesn't need to know anything about this at all!) |
| 20:42 |
|
espen___ |
that was poorly worded |
| 20:42 |
|
rangi |
but you want to do it under http? so that if people sniff credentials for one site, they get access to all of them? |
| 20:42 |
|
rangi |
that seems irresponsible |
| 20:43 |
|
espen___ |
the credentials only get exchanged over SSL (it's via a third-party service) |
| 20:44 |
|
espen___ |
basically: apache redirects to 'webauth' over SSL from a .htaccess directive |
| 20:44 |
|
cait |
seems like a not so common scenario |
| 20:44 |
|
espen___ |
I'm pretty sure it is |
| 20:44 |
|
espen___ |
.htaccess controlling an authentication mechanism? |
| 20:45 |
|
rangi |
that'll work just fine yeah, thats nothing to do with koha |
| 20:45 |
|
cait |
brb - doing dishes |
| 20:46 |
|
espen___ |
only to the extent I need to tell koha: "don't worry about the authentication mechanism, just authorise this user based on the provided userid" |
| 20:46 |
|
espen___ |
how do I do that? |
| 20:46 |
|
rangi |
read the shibboleth code, and modify it |
| 20:47 |
|
rangi |
because that is exactly what shibboleth does |
| 20:48 |
|
espen___ |
yes; but that assumes shibboleth; I want to do it through 'any arbitrary auth mechanism supported by apache' |
| 20:48 |
|
rangi |
thats why i said, modify it |
| 20:48 |
|
espen___ |
it wouldn't be shib though |
| 20:49 |
|
rangi |
you'll have ot take that code, make a new if, check for the existence of whatever header or parameter you are going to decide to trust |
| 20:49 |
|
rangi |
then match that to a user |
| 20:50 |
|
espen___ |
let's say, for the sake of argument I said "I want to authenticate users to through mod_auth_basic" (not a great idea, but sets the parameters). |
| 20:50 |
|
rangi |
yep |
| 20:50 |
|
rangi |
thats set in an env variable |
| 20:51 |
|
rangi |
REMOTE_USER |
| 20:51 |
|
wahanui |
rumour has it REMOTE_USER is a server environment variable.. often set by apache during basic auth |
| 20:51 |
|
espen___ |
yup |
| 20:51 |
|
espen___ |
that's the kind of thing I'm expecting |
| 20:51 |
|
espen___ |
will koha understand this? |
| 20:51 |
|
rangi |
yes |
| 20:52 |
|
espen___ |
if so, what directories do I need to protect with .htaccess? |
| 20:52 |
|
rangi |
all of them |
| 20:52 |
|
espen___ |
for OPAC |
| 20:52 |
|
espen___ |
(in the first instance) |
| 20:54 |
|
rangi |
you'd have to do it per file, not per directory, because basic auth doesnt check with koha first if the user should be logged in, all the scripts to dthat and can be control by a system preference etc, they also check what permissions a user has, and if insufficent force them to login with a different user |
| 20:55 |
|
rangi |
so if you want the whole opac, thats easy /cgi-bin/koha |
| 20:55 |
|
rangi |
if you just want certain parts, because you arent using one of the more advanced sso methods, which check with koha, you'd have to do it on a script by script basis |
| 20:56 |
|
rangi |
(and it will still get into some potential auth loops when its a user with insufficent privs (probably only on the staff client tbf)) |
| 20:56 |
|
rangi |
thats why we don't recommend doing it that way anymore. Thats how it used to work in 2001 |
| 20:57 |
|
rangi |
the code is still there |
| 20:57 |
|
rangi |
if ( !$shib and defined( $ENV{'REMOTE_USER'} ) and $ENV{'REMOTE_USER'} ne '' and $userid = $ENV{'REMOTE_USER'} ) { |
| 20:57 |
|
|
alexbuckley joined #koha |
| 20:57 |
|
rangi |
just no one uses it much anymore |
| 20:58 |
|
espen___ |
ok, that looks reasonable |
| 21:00 |
|
espen___ |
I don't know if this is an ubuntuism but can I assume /cgi-bin/koha in this case is /koha/opac/cgi-bin/ or am I in the wrong place? |
| 21:01 |
|
rangi |
check your apache config for the virtualhosts, it'll be a scriptalias |
| 21:03 |
|
espen___ |
"/usr/share/koha/opac/cgi-bin/opac/" |
| 21:03 |
|
espen___ |
guess that's the default in the ubuntu install |
| 21:04 |
|
rangi |
id probably do the access control in the virtualhost config |
| 21:04 |
|
rangi |
because that wont get overwritten in upgrades, and would work with multiple instances |
| 21:05 |
|
espen___ |
fair point |
| 21:07 |
|
espen___ |
I have two possible approaches now so thank's for the help |
| 21:08 |
|
|
caboose-afk joined #koha |
| 21:10 |
|
cait |
aleisha++ |
| 21:11 |
|
rangi |
of course if you are using plack, you're going to have to figure that bit out yourself the env variables wont be passed to plack |
| 21:21 |
|
espen___ |
just to confirm this all works according to plan now |
| 21:21 |
|
espen___ |
set the apache-based auth up in the virtual config and it 'just works' |
| 21:22 |
|
espen___ |
much easier than shib! |
| 21:22 |
|
espen___ |
and allows me to add ip based access for our terminals |
| 21:23 |
|
rangi |
yeah but you cant run it under plack, so it's going to be slow(ish) |
| 21:24 |
|
espen___ |
I'll come back to that if it becomes a problem! |
| 21:24 |
|
rangi |
and you will hit authorisation problems on the staff side |
| 21:24 |
|
rangi |
but it should work for the opac |
| 21:26 |
|
espen___ |
staff side seems fine; I've not touched anything in that virtual host and staff still have purely local logins for that side (for now) |
| 21:30 |
|
reiveune |
bye |
| 21:30 |
|
|
reiveune left #koha |
| 21:34 |
|
espen___ |
thanks for helping out with this; it may seem a bit old-fashioned but actually is quite helpful that you've kept the code like this; as 'private' plug-ins for apache auth are not uncommon if not always obvious to the wider world. |
| 21:59 |
|
|
JoshB left #koha |
| 22:08 |
|
|
TGoat joined #koha |
| 22:13 |
|
|
kmlussier joined #koha |
| 23:24 |
|
|
irma joined #koha |
| 23:30 |
|
|
BobB joined #koha |
| 23:34 |
|
|
dilan joined #koha |
