Time Nick Message 23:42 rangi heh 23:42 eythian http://spendyourleapsecondhere.com/ 23:28 rangi http://en.lodlive.it/ 23:27 wizzyrea [off] eythian saved me from having to do the needful. 23:21 drojf good night #koha 23:15 mtj agreed :) 23:11 eythian mtj: it's better than invalid data getting in which causes strange explosions in 6 months time. 23:08 mtj eythian: i think the utf 'feature' might drive some users crazy... but hey 23:07 mtj thanks for the brainslap, btw :0) 23:05 eythian mtj: I think input validation everywhere possible is always a good thing, all the time, ever. 23:05 rangi excellent 23:05 eythian sweet 23:05 mtj rangi, eythian. im hoping to start adding Koha::Cache to the holidays code, later this week 23:01 drojf as a cosy complement to beer. lol. germans 23:01 wizzyrea that seems on-topic to me. 23:00 mtj ..off topic, how about this for a poss. Koha feature... checking for valid UTF when saving stuff? 22:59 drojf not very much information ;) 22:59 drojf [off] http://www.behn.de/en/brands/kuestennebel/ 22:58 drojf http://www.behn.de/en/brands/anis/ 22:57 mtj i too am interested ^ 22:57 mtj hey #koha 22:54 drojf i have not even thought about that in ages 22:53 drojf küstennebel is star anise liquor 22:53 eythian like Germany makes something other than beer. 22:53 drojf probably küstennebel 22:52 drojf kaloyiannis-koutsikos distilleries, 1st industrial zone of volos, 68e. that's a fantastic address 22:52 wizzyrea ^ this question is relevant to my interests. 22:52 rangi whats the closest german drink to ouzo? 22:52 rangi :) 22:51 drojf no, i'm choosing their booze over german booze, to weaken our economy in solidarity :P 22:49 eythian so you're taking their booze from them? That's pretty terrible! ;) 22:46 * drojf drinks an ouzo… to the people in greece 22:45 drojf i could use that from time to time ;) 22:42 eythian yeah, teaching is pretty good. Makes you get all your thoughts in order, to start with. 22:42 drojf [off] would be fun. and scary. heh. we'll see what happens 22:40 rangi cya later pianohacker 22:40 pianohacker and on that note, I have to leave to do just that 22:40 pianohacker teaching intro computer science is a lot of fun :) 22:39 rangi [off] ohhh that would be excellent 22:38 drojf [off] they consider letting me teach there *giggles madly* 22:37 rangi nice! 22:37 eythian sounds like you've got yourself a project then :) 22:35 drojf [off] i was told there is a high demand for koha at a new 'library computer science' master programme in my area :) 22:35 rangi quite a nice day 22:35 rangi yeah blue skies 22:32 drojf 11° sounds alright, i'd like that too right now 22:23 cdickinson it's actually pretty nice today here 22:23 huginn` cdickinson: The current temperature in Wellington, New Zealand is 11.0°C (10:00 AM NZST on June 30, 2015). Conditions: Clear. Humidity: 76%. Dew Point: 7.0°C. Pressure: 29.98 in 1015 hPa (Steady). 22:23 cdickinson @wunder nzwn 22:20 drojf i should have bought more of that buckwheat beer 22:19 rangi yuck 22:19 drojf and no wind at all 22:19 drojf we'll see. probably humid and sticky 22:18 rangi any wind with it? 22:17 drojf 10 more will be horrible 22:17 drojf i found 26°C today to be pretty warm 22:17 drojf lol exactly 22:17 rangi thats pretty warm 22:17 drojf 36°C on saturday. meh 22:15 drojf oh too slow 22:15 pianohacker kk, will do, thanks guys 22:14 drojf [off] it's bgkriegel@gmail.com on koha-translate 22:14 rangi [off] i use bgkriegel@unc.edu.ar or bgkriegel@gmail.com but that one should work too 22:13 pianohacker [off] rangi: gonzalez@famaf.unc.edu ? 22:13 rangi do you have his email? 22:13 pianohacker okay, thanks. 22:12 rangi the person i would ask is bernardo 22:12 huginn` 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=4503 enhancement, P5 - low, ---, frederic, NEW , Javascript files in js directory are not translated 22:12 pianohacker rangi: ot, but do you know of any documentation on how to use xgettext.pl (or something else, if I'm barking up the wrong tree) to generate a starting .po file? I'm working on bug 4503 22:10 drojf hehe 22:10 rangi :) 22:10 rangi kick any bankers you see 22:10 rangi take money, spend it with local businesses 22:10 rangi exactly 22:09 drojf yeah i can imagine. i'd be happy to help rebuild the country with a visit to kohacon ;) 22:08 rangi probably a bit distracted at the moment though 22:08 rangi they are working on a full website to go with the wiki bit 22:07 drojf *the 22:06 drojf has there been any info on the thessaloniki bid for kohacon 2016 or did they just sneak it into thew wiki? 22:06 pianohacker hi eythian 22:05 drojf hi eythian 22:04 wahanui what's up, eythian 22:04 eythian hi 21:58 drojf did not help that yaz-client works out of the box for loc and gbv (german library network) but not for them. i should have read more on ZOOM before having funny ideas :P 21:55 wahanui rumour has it interesting is sometimes good and sometimes bad 21:55 rangi interesting 21:55 drojf but i learned a lot ;) 21:55 drojf so i bothered the national library about their SRU server config and in the end the problem was that koha eats the tilde you have to use to provide an access token in the base url. it has to be encoded as %7e and apparently it worked without that in earlier versions 21:47 drojf too fast for me 21:47 rangi cya cait 21:47 cait night :) 21:47 rangi heh 21:46 drojf first koha on a raspberry bush would be awesome 21:46 cait be careful, they can be mean :) 21:45 rangi heh 21:45 drojf balcony even 21:45 drojf i did not pay attention to my balkony for a few days and now i have 2m long raspberry shoots growing all over the place :) 20:41 huginn` drojf: The current temperature in Berlin Tegel, Germany is 22.0°C (10:20 PM CEST on June 29, 2015). Conditions: Clear. Humidity: 53%. Dew Point: 12.0°C. Pressure: 30.12 in 1020 hPa (Rising). 20:41 drojf @wunder berlin, germany 20:30 * cait grumps about keeping things simple ;) 20:25 rangi http://blog.bigballofwax.co.nz/2012/07/31/yes-you-should-rewrite-it-no-not-like-that/ 20:25 rangi ill just leave this here 20:24 rangi i saw a lot of rewrite discussion last night 20:03 indradg kia ora #koha 17:36 * magnuse gives the evening wave 16:36 gaetan_B bye 16:30 huginn` AmitG: 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14472 enhancement, P5 - low, ---, amitddng135, Needs Signoff , Wrong ISSN search index in record matching rules 16:30 AmitG @bug 14472 16:13 huginn` 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7174 enhancement, P5 - low, ---, paul.poulain, NEW , Authentication rewriting 16:13 kivilahtio pianohacker: ashimema: matts_away: magnuse: care to take a new look at Bug 7174? Is it pfft again? This time I remembered to include all new files.. I hope. 16:06 reiveune bye 15:13 huginn` khall: The operation succeeded. 15:13 khall @later tell joubu can I get your feedback on bug 9011? 15:11 kivilahtio hi tehre! 15:09 cait hi pianohacker 15:08 pianohacker hallo 14:02 druthb Muggy now, soupy later. 14:01 huginn` druthb: The current temperature in Montrose (Mandell Place), Houston, Texas is 27.8°C (9:01 AM CDT on June 29, 2015). Conditions: Clear. Humidity: 85%. Dew Point: 25.0°C. Pressure: 30.02 in 1016 hPa (Falling). 14:01 druthb @wunder 77098 13:52 huginn` tcohen: The operation succeeded. 13:52 tcohen @later tell marcelr would you agree the feature should be renamed "Attach files to biblio records"? 13:36 * magnuse wanders off to barbeque som whale 13:29 drojf huh. i should leave the house from time to time 13:29 huginn` drojf: The current temperature in Berlin Tegel, Germany is 26.0°C (3:20 PM CEST on June 29, 2015). Conditions: Clear. Humidity: 34%. Dew Point: 9.0°C. Pressure: 30.09 in 1019 hPa (Steady). 13:29 drojf @wunder berlin, germany 13:24 nengard ditto for me 13:24 * magnuse has only been there in early spring, thanks goodness 13:24 magnuse marseille can get real hot, apparently 13:24 nengard that's surprising 13:24 nengard wow!! warmer than here 13:24 huginn` magnuse: The current temperature in Marseille / Marignane, France is 30.0°C (3:00 PM CEST on June 29, 2015). Conditions: Clear. Humidity: 32%. Dew Point: 16.0°C. Pressure: 30.08 in 1018 hPa (Falling). 13:24 magnuse @wunder marseille 13:24 nengard LOL 13:24 magnuse whi knew such a thing was possible... 13:23 huginn` nengard: The current temperature in University Hills, Austin, Texas is 24.4°C (8:23 AM CDT on June 29, 2015). Conditions: Scattered Clouds. Humidity: 99%. Dew Point: 24.0°C. Pressure: 30.04 in 1017 hPa (Steady). 13:23 nengard @wunder 78754 13:23 magnuse ooh, double digits! 13:23 huginn` magnuse: The current temperature in Bodo, Norway is 11.0°C (2:50 PM CEST on June 29, 2015). Conditions: Partly Cloudy. Humidity: 62%. Dew Point: 4.0°C. Pressure: 29.98 in 1015 hPa (Steady). 13:23 magnuse @wunder boo 13:23 nengard :) 13:20 magnuse nengard: ah, kewl anyways! 13:04 * tcohen was excited to add his recently moved to 3.20 libraries 13:04 paul_p (if only days had 40 or 45 hours...) 13:04 paul_p tcohen yep, that can/will be a future improvement. 13:04 tcohen hi :-D 13:04 paul_p hi tcohen. 13:03 tcohen paul_p: hea misses to show library type and country distribution 13:03 nengard you mean my hair? actually that's a pic from a couple months ago - but I do have new colors now :) hehe 13:02 tcohen well, picture-upload should be a REST webservice 13:02 wahanui magnuse is a Norwegian giant. 13:02 nengard magnuse? 13:01 marcelr we really should have one uploader 13:01 marcelr i found a third upload mechanism too in picture-upload 13:00 tcohen it is next on my list 13:00 tcohen ah, yes 13:00 huginn` 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6874 enhancement, P3, ---, julian.maurice, Passed QA , Attach a file to a MARC record (Was: File upload in MARC) 13:00 marcelr bug 6874 probably 13:00 tcohen what was that supposed to be about? 13:00 tcohen heh 13:00 marcelr lol 13:00 wahanui marcelr is, like, talking with tcohen about it 13:00 tcohen hey marcelr 12:59 marcelr hi tcohen 12:59 magnuse nengard: new colours? 12:59 tcohen hi magnuse nengard 12:58 nengard morning magnuse 12:58 magnuse hiya nengard and tcohen 12:44 tcohen hi cait! 12:43 cait tcohen: morning! 12:41 kivilahtio thanks 12:41 matts kivilahtio, http://wiki.koha-community.org/wiki/IRC_Regulars :) 12:41 kivilahtio ok, I wonder who M.Tompsett is 12:40 matts kivilahtio, nope, I'm not. I'm Matthias Meusburger 12:40 kivilahtio matts: Are you M.Tompsett? 12:35 tcohen morning! 12:35 AuroraSkywalker I'm going to troublshoot this more later. Thanks for your help so far. 12:29 AuroraSkywalker No I go to the page and it says something like err_name_not_resolved. May be the DNS settings I will look into that. Thanks 12:24 * magnuse gotta go afk for a bit 12:24 magnuse is dns set up correctly? 12:23 magnuse AuroraSkywalker: do you get the "it works" page or just nothing? 12:19 AuroraSkywalker no I thought that's what it needed for a mysql config. I removed it so its back to default. No more errors but it's still not there. 12:19 magnuse looks like the database is empty 12:18 magnuse do you have a file called "mysql"? 12:18 magnuse AuroraSkywalker: DEFAULTSQL="mysql" 12:11 AuroraSkywalker ok 12:07 drojf the comment for the serials table is "patron's opac search history"? that does not seem right :) 12:07 pastebot "AuroraSkywalker" at 127.0.0.1 pasted "cron messages" (162 lines) at http://paste.koha-community.org/164 12:06 AuroraSkywalker I'm getting a bunch of mails from cron about the mysql database, guess it probably wants one set up before the program will even load the page. I'll try that and see if I can make any progress. 11:59 AuroraSkywalker when I look at the system status it says something like thearchives-koha-zebra: fatal: failed to become a deamon: Resource temporarily unavaliable 11:55 AuroraSkywalker the only things I changed were the domain and the defaultsql 11:54 pastebot "AuroraSkywalker" at 127.0.0.1 pasted "koha config" (61 lines) at http://paste.koha-community.org/163 11:50 magnuse (or the default one) 11:49 magnuse (not koha-conf.xml, but the one you gave to --configfile) 11:49 AuroraSkywalker sure one sec 11:48 wahanui I eat paste! It's tasty! http://paste.koha-community.org 11:48 magnuse paste? 11:48 magnuse can you paste the config file? 11:48 magnuse http://wiki.koha-community.org/wiki/Debian#Create_a_Koha_instance 11:48 AuroraSkywalker Thanks for replying 11:48 AuroraSkywalker I think maybe I got something wrong in the config file. I don't know I'm trying to look at my logs to see if it says anything 11:47 AuroraSkywalker Yes, though I haven't configured mysql yet I usually do that when the page shows up 11:46 magnuse AuroraSkywalker: did you create an instance? 11:43 AuroraSkywalker Now it has some fatal issue when I restarted the process, at least it is showing an error now. 11:40 AuroraSkywalker Active: active (exited) since Mon 2015-06-29 06:09:27 CDT; 17min ago 11:40 AuroraSkywalker Hi I'm trying to install koha, on Debian. Followed the instructions but nothing is showing up at the domain it is suppose to. Can't really find any troubleshooting links. Tried to install stable, using local mysql. When I check to see if service koha-common status it returns Loaded: loaded (/etc/init.d/koha-common) 11:32 vfernandes <listen id="publicserver">tcp:localhost:9999</listen> it works, <listen id="publicserver">tcp:@:9999</listen> not 11:18 drojf man yaz-client (aka i don't know :) ) 11:16 vfernandes how to pass username/password? 11:16 drojf oh but you tried localhost so that should not be it :) 11:16 drojf it may not be reachable at all from the outside due to firewall or something 11:14 vfernandes I think this is a server configuration problem 11:14 vfernandes with 9999 I've the same problem 11:12 vfernandes let me try 11:12 drojf vfernandes: does your network/ server actually allow to use such a low port? have you tried 9998 or something? 11:03 vfernandes Connecting...error = System (lower-layer) error: Connection refused 11:03 vfernandes when trying to access the Z39.50 with yaz-client (yaz-client -c /KEEPS/koha/etc/zebradb/ccl.properties localhost:210/biblios) I get the following error: 11:00 vfernandes <listen id="publicserver">tcp:@:210</listen> 11:00 vfernandes i've uncommented the lines refered in that wiki and i've restarted zebra server 10:59 vfernandes http://wiki.koha-community.org/wiki/Troubleshooting_Koha_as_a_Z39.50_server 10:59 vfernandes can anyone help me configuring koha public Z39.50 server? 10:42 drojf it's ok so far ;) 10:42 drojf hi marcelr :) 10:41 marcelr hi drojf: hope your monday is better :) 10:39 drojf "after 5.6, the server default will include STRICT_TRANS_TABLES." that should be fixed properly :) 10:37 vfernandes yes 10:36 drojf vfernandes: where do you set it? in my.cnf? 10:35 vfernandes drojf : I didn't tried to change the code, because disable that option worked for me 10:35 cait bbiab 10:34 drojf ? 10:34 drojf vfernandes: does it work when you use $input->param("enrolmentperioddate") = 'NULL' if enrolmentperioddate is not filled 10:33 vfernandes cait: the control of the data inserted could be done by the software code or by the database... Usually it's done by the software code, but in some MySQL installations the option STRICT_TRANS_TABLES comes as default 10:31 cait vfernandes: sounds like soething we still should fix properly :) 10:30 vfernandes then I've remembered that MySQL has mecanisms to block inserts with incorrect values... the option STRICT_TRANS_TABLES is responsible to that block ('' (empty string) is not a valid date, '' is not a valid number...) 10:28 vfernandes kivilahtio: if the code was working for rangi and for drojf, the problem only could be software related (perl, MySQL, etc...) 10:24 kivilahtio sounds like a very hard to debug thing 10:23 kivilahtio vfernandes: I am happy you found your solution 10:21 vfernandes thanks magnuse, cait, rangi and drojf 10:18 vfernandes removing that option it works :D 10:18 vfernandes MySQL documentation : "If a value could not be inserted as given into a transactional table, abort the statement. For a nontransactional table, abort the statement if the value occurs in a single-row statement or the first row of a multiple-row statement. More details are given later in this section." 10:16 vfernandes STRICT_TRANS_TABLES 10:15 drojf do you mean it has to be NULL, not ''? 10:13 vfernandes MySQL doesn't have an option to controll empty values? 10:12 vfernandes I think I know what it is... 10:11 vfernandes $input->param("enrolmentperioddate") = '' if enrolmentperioddate is not filled 10:10 vfernandes looking at the code I don't see where the problem is 10:10 pastebot "vfernandes" at 127.0.0.1 pasted "Code of categories.pl" (33 lines) at http://paste.koha-community.org/162 10:07 drojf i have the same. it is an upgraded installation (from 3.18) though 10:06 vfernandes debian 7, perl 5.14.2 10:05 vfernandes could be something related to SO version or Perl version? 10:05 drojf can't reproduce 10:04 vfernandes i've tried on Firefox and Chrome 10:04 vfernandes "An error occurred when inserting this patron category. The patron category might already exist." this is the error on the interface 10:03 vfernandes english version 10:03 drojf oh you said english templates, sorry 10:02 drojf vfernandes: do you try it in the english version or translated? 09:57 cait heya rangi 09:56 rangi and on one upgraded from 3.20.0 09:56 rangi on a fresh install 09:56 rangi i cant reproduce either 09:54 cait worht noting it's a fresh installation 09:54 cait vfernandes: maybe best to file a bug report 09:49 vfernandes I don't know... this is the first time I've installed a version up than 3.16 09:48 cait wonder if it could be a difference between updated/new installation 09:46 cait hm 09:45 vfernandes fresh install 09:45 vfernandes english templates 09:45 cait translated templates or english templates? 09:45 cait did you just update? 09:44 vfernandes but I get the following error in the logs : DBD::mysql::st execute failed: Incorrect date value: '' for column 'enrolmentperioddate' at row 1 at /KEEPS/koha/intranet/cgi-bin/admin/categorie.pl 09:44 cait magnuse: but works for you? 09:44 cait hm yeah that shoudl work 09:44 vfernandes i'm adding a categorie with a defined period time of 12 months (for example) 09:43 cait .... when adding categories 09:43 cait ah sorry, missed that 09:43 cait vfernandes: what are you doing to trigger the errror? 09:39 vfernandes the enrolmentperiod and enrolmentperioddate can be NULL in the database 09:38 vfernandes if I fill the enrolmentperioddate : DBD::mysql::st execute failed: Incorrect integer value: '' for column 'enrolmentperiod' at row 1 at /KEEPS/koha/intranet/cgi-bin/admin/categorie.pl 09:38 magnuse vfernandes: i can't reproduce... 09:35 vfernandes when adding categories : DBD::mysql::st execute failed: Incorrect date value: '' for column 'enrolmentperioddate' at row 1 at /KEEPS/koha/intranet/cgi-bin/admin/categorie.pl 09:35 vfernandes problem in Koha 3.20.1 09:35 vfernandes hi guys 09:26 ashimema basically.. they just allow one to plug on routine to do the actual authentication and authorization.. but they give a nice framework for holding it all together 09:26 kivilahtio ashimema: lucky me I already had to go to significatn depths on how Mojolicious works to make logging work and extend pluginss 09:26 ashimema I've used the authentication one as an inspiration for writing my own.. and I use the Authorization one out of the box ;) 09:26 kivilahtio ashimema: thanks, I'll take a look 09:25 ashimema I'm reasonably confident they could be used for inspiration ;) 09:25 ashimema I really like the way https://metacpan.org/pod/Mojolicious::Plugin::Authentication and https://metacpan.org/pod/Mojolicious::Plugin::Authorization are laid out 09:21 * magnuse cheers kivilahtio on 09:21 kivilahtio I'll make it better today, I got some nice ideas this weekend I am eager to put into practice 09:20 ashimema all good 09:20 kivilahtio sorry, need to review a press release :) 09:20 kivilahtio see the _check_version for ex. 09:20 kivilahtio ashimema: my modifications ai to be 100% backwards compatible. So we can rewrite portions in steps 09:19 matts yep, and be able to define an order would be nice 09:19 ashimema etc. etc 09:19 ashimema Try LDAP, Never fallback to Local.. 09:19 ashimema Try CAS, then LDAP, then Local.. 09:19 ashimema woudl be better to be able to make this explicit.. 09:18 ashimema so.. at the moment.. koha says.. 'if CAS enabled try CAS, if LDAP enabled, try LDAP, try Loca.. 09:18 ashimema I'd like a fallback path written into a re-write too.. 09:17 ashimema if one needs a particular permissions.. then a check_perm($permission) should be the definative call (and it may well call check_auth internally as the first step ;) ) 09:16 ashimema if one just needs auth.. then check_auth should be the one way to get it.. 09:15 ashimema i.e. 09:15 ashimema that would actually be far better factored out. 09:15 ashimema your last step.. Check if haspermission.. 09:14 ashimema set_userenv is non-restful.. though I actually have no issue with using such caches.. they just need to be transparent from the client. 09:11 ashimema with a simple yes/no as the response 09:11 ashimema kivi.. what you likely need for a central auth module is a sub 'authenticate' which accepts username:password:other_hashref 09:11 cait ok 09:09 ashimema is x authenticated? yes/no 09:09 ashimema there are standard pam modules for all sorts of things.. and basically the api is as simple as.. 09:09 kivilahtio "convetion over configuration" 09:08 kivilahtio but the Idea is to have authentication subroutines, but they wont need configuring :) 09:08 ashimema basically cait, pam is a standardised API that apps in linux can hand off to for authentication.. 09:08 kivilahtio well I have no clue how to use it and I am not going to replicate it for Koha 09:08 ashimema lol.. 09:08 kivilahtio I hate linux PAM 09:08 ashimema Linux Pluggable Authentication Modules 09:08 kivilahtio ashimema: nope 09:07 cait PAM? 09:07 ashimema ooh.. are you a PAM man? 09:07 kivilahtio PAM for Koha :) 09:07 kivilahtio its very interesting :) 09:07 kivilahtio well I'll just keep working on it 09:06 ashimema right.. back to auth.. 09:06 kivilahtio every request needig auth 09:06 ashimema it sends auth details with every request. 09:06 ashimema So.. in effect SIP is jsut RESTful in nature.. 09:06 ashimema :) 09:05 ashimema temporary variale that are only setup for a shorter period of time. 09:05 kivilahtio ashimema: thanks for clairification ,we agreee 09:05 ashimema they're onyl not restfull if you store stuff like search history in them.. 09:05 kivilahtio not sure if we agree or disagree 09:05 ashimema cookies.. get sent with every request.. thus.. they are sending all authentication detail with every request.. thus they are prefectly restful 09:04 kivilahtio it doesn't make it any more non-REST 09:04 ashimema and in fact.. anyone that tells you cookies means this isn't the case doesn't understand this stuff either ;) 09:04 kivilahtio so normal Koha-users can benefit from it 09:04 kivilahtio ashimema: yes I understand, but we need to support the CGISESSID as well 09:04 ashimema auth with every request.. 09:04 ashimema that's exactly what REST is all about too kivi 09:04 kivilahtio so we get the authentication information on each message that reasonably needs authentication 09:03 kivilahtio the sip speficiation claims that each message can be a stand-alon message 09:03 ashimema why persist it ;) 09:03 kivilahtio atleast it doesnt persist the authentication 09:03 kivilahtio cait: I dont think it really authenticates :) 09:02 cait the way SIP does authenticate is nto very clean right now... i got a bug for that somewhere 09:01 cait are the ones that come to mind 09:01 cait native Koha, CAS, LDAP, Shibboleth - also SIP, ILS-DI, svc 09:01 cait kivilahtio: thinking of apis.... 09:00 matts Okay, will look at it ! 08:59 kivilahtio matts: there is a gdoc link for my spec and some WIP commit for people to see where this is heading 08:59 huginn` 04Bug 7174: enhancement, P5 - low, ---, paul.poulain, NEW , Authentication rewriting 08:59 kivilahtio http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7174 08:59 kivilahtio matts: It is a critical part of the REST API development to get a sane authentication framework for all the various ways of authenticating to Koha 08:58 ashimema matts, would be really good to get your input too ;) 08:58 matts kivilahtio, sure, where is it ? 08:58 ashimema I'll dip in as often as I can to comment.. 08:58 kivilahtio matts: it is stil WIP but I need people to support it so we have any hope of getting it pushed 08:58 ashimema I'd say go for it kivi.. 08:58 kivilahtio matts: want to review my work? 08:58 matts that's nice to hear :) 08:58 kivilahtio ashimema: I understand 08:58 kivilahtio matts: working on it 08:58 matts We miss a modular auth stack in koha 08:58 ashimema I have sic months worth of back log for paying customers here at the minute :( 08:57 kivilahtio but if we could agree on a datetime for a review, that would be aswesome 08:57 ashimema at the minute. I can't easily judge.. 08:57 ashimema there's more persona stuff in some files in /opac/svc 08:57 kivilahtio I will work on it more now 08:57 kivilahtio ashimema: you still didnt tell me when you have time to take a look at the rewrite? 08:57 ashimema yeah.. Auth is a mess ;) 08:57 kivilahtio ok 08:57 cait https://www.mozilla.org/en-US/persona/about/ 08:57 ashimema it's not CAS.. 08:56 ashimema nah.. that's just because the varialbe are all messed up and re-used all over the shop ;) 08:56 ashimema it sends a 'special token' which koha then binds on 08:56 kivilahtio in C4::Auth there is only one check for PT-parameter in context of Persona, and the PT leads to CAS 08:56 ashimema Firefox acts as your identity keeper.. 08:55 ashimema persona is a firefox thing 08:55 cait todally different 08:55 cait no 08:55 cait it probably still workds tho 08:55 kivilahtio I thought Persona was part of CAS 08:55 ashimema along with local auth over BASIC or Params 08:55 cait i think persona is dead kind of 08:55 ashimema there is also Persona and APK support in koha.. 08:55 kivilahtio CAS only want a PT-http parameter 08:55 ashimema but matts would be able to better comment 08:55 ashimema I 'think' CAS is also SSO.. 08:54 ashimema SLO - Single Log On (i.e sign in to each app individually, but using the same set of credentials each time) 08:54 ashimema SSO = Single Sign On (i.e sign in once on one app, be signed into all other apps at the same time) 08:54 kivilahtio single-sign on vs single log on 08:54 cait so that would be the main difference i guess 08:54 kivilahtio ? 08:54 cait aah 08:54 kivilahtio single log on 08:54 cait slo? 08:54 ashimema Shibboleth is SSO.. LDAP is SLO 08:53 ashimema yup.. 08:53 cait also for accessing electronic ressources 08:53 magnuse http://perldoc.koha-community.org/C4/Auth_with_ldap.html 08:53 cait shibboleth is very common here - to build single sign on solutions 08:53 ashimema C4::Auth_with_ldap kivi 08:53 kivilahtio ashimema: when can you take a look at the authentication rewrite? 08:53 cait only the ldap does that so far -ashimema has patches for it to happen with shib too 08:53 cait yep 08:53 cait i think in the ldap module 08:52 kivilahtio mm, mybe it is on C4::Auth_LDAP 08:52 cait maybe because it happens elsewher? :) 08:52 kivilahtio really? I haven't seen that in C4::Auth? 08:52 cait also updating the user everytime they authenticate 08:52 cait it's just an optional feature 08:52 cait already 08:52 cait kivilahtio: we do 08:51 kivilahtio cait: I think in Koha we could easily add a borrower from the information LDAP returns 08:51 ashimema I think it sort of sits in the middle of those two methods 08:51 cait with shib you can authenticate at the... campus portal and then you are automatically logged into koha as well - can you do that kind of thing with ldap? 08:51 ashimema CAS i'm not 100% sure how it works.. 08:51 cait ashimema: hm differences between ldap and shib... 08:50 ashimema but if your relying upon ldap to populate your users, then that will only happen at first login 08:50 magnuse gotcha 08:50 cait if you do the 'create users via ldap' thing 08:49 cait then they can chek out 08:49 ashimema if those user account are already in the koha end they can... 08:49 cait magnuse: you'd tell them to go log into the opac once 08:49 ashimema sorry.. 08:49 magnuse cait, ashimema: oh 08:49 ashimema but that's an enhancement I'd love to do.. 08:49 ashimema right now magnuse, no.. 08:49 cait magnuse: not yet, but i think there is apatch lingering somewhere in koha 08:49 ashimema similarly to ldap, the shibboleth secret handshake can include lots of extra details from which you can build a koha user from/update an existing user from. 08:48 magnuse how does ldap work if the user has never signed into koha, but comes to check out a book? can koha then get the patron data without the user's password? 08:48 ashimema Shibboleth: Koha asks browser 'Do we have a logged in user?', Browser replies with yes or no, if no then user can ask to authenticate, koha says 'OK, go over there and authenticate, then bring me back a secret handshake'. (So, the big thing here is koha NEVER see's the users username and password). 08:47 kivilahtio yup 08:47 ashimema LDAP... User inputs username & password into KOHA.. koha then sends these to ldap server and asks "Are they OK?", LDAP then replies with OK and other details if configured to give those (from which you can build new users, update existing users) 08:46 kivilahtio ok 08:45 ashimema it's the order in which the calls happen which is important. 08:45 ashimema OK.. they're all authentication systems (which can double up as authorization handlers) 08:44 kivilahtio ashimema: And If I was to implement a single sign on system for our Issue tracker and Koha librarians, which method would you recommend? 08:44 ashimema it will all ask what their password is.. then compare it to what they gave you 08:44 ashimema it'll then perform an ldap search to find the user that's trying to login.. (i.e samaccountname).. 08:44 kivilahtio apparently LDAP and Shibboleth are pretty muc hthe same? 08:43 kivilahtio ashimema: speaking of LDAP, can you tell me in two sentences what is the difference between LDAP and CAS and Shibboleth? 08:43 ashimema koha will attempt to login to the ldap server with your 'service user', (as per the username and password contained within the <user></user><pass></pass> block 08:43 cait fred_pt ^^ 08:42 ashimema So.. in your current flow.. 08:42 ashimema or at least that's my understanding 08:41 ashimema with auth_by_bind turned off, instead koha asks for the password and then does the comparision our side 08:41 ashimema not many ldap directories will allow the password to leak out.. so bind mean you send them username + password to the ldap and letting it 'bind' for you.. 08:39 ashimema ooh.. you probably want auth_by_bind.. I've hardly ever seen that set to '0' 08:38 ashimema sorry.. I missed the paste there... just reading it now 08:38 ashimema oops.. 08:04 huginn` kivilahtio: The operation succeeded. 08:04 kivilahtio @later tell pianohacker. I think I made a translation mistake in my head. When I said my work, I meant my job ... :) 08:04 * magnuse will have to set up ldap soon, so is all ears 07:53 cait i am just guessing around - you better listen to ashimema :) 07:52 fred_pt i'm kind of new to this ldap thing so i may give stupid awsers :) and i just need to have the users from windows domain to authenticate to koha interface 07:52 cait hm wondering, do you need to match password? 07:51 pastebot "fred_pt" at 127.0.0.1 pasted "LDAP config" (24 lines) at http://paste.koha-community.org/161 07:48 ashimema obviosly *** out anything personal ;) 07:48 ashimema http://paste.koha-community.org/ 07:48 ashimema whats your config look lke? 07:44 cait might be worth trying the mailing list 07:44 cait i have never set up ldap myself - so not much help here 07:43 cait hm i think the second looks more promising - maybe then it finds the user name but just the passwords are not matching? 07:42 fred_pt I have koha working wonderful just miss this step to "sell" it to my company for our new library... 07:42 fred_pt also i get this second line in the log: The request referenced an attribute that does not exist 07:40 fred_pt in ldap the "name" is "Frederico Almeida" but sAMAccountName is "falmeida" 07:39 fred_pt but looking at this awser it seems it can't find the password to match against or i see this wrong? 07:38 fred_pt if i try falmeida i get: opac-user.pl: LDAP Auth rejected : invalid password for user 'falmeida'. LDAP error #16: LDAP_NO_SUCH_ATTRIBUTE 07:38 fred_pt i tried several ways but the proper one should be "falmeida" as this is the pc login username 07:36 cait um maybe somethin in your mapping? is the name with the space the user login? 07:33 fred_pt does this means that i was able to log into windows ldap and it didn't find the user i tried to login with? 07:32 fred_pt LDAP Auth rejected : (sAMAccountName=frederico almeida) gets 0 hits, referer: http://trvlib.library.trivago.trv/cgi-bin/koha/opac-user.pl 07:31 fred_pt so i think i am missing something between the query i make and the fields in ldap server? 07:30 cait morning ashimema :) 07:30 ashimema well done fred_pt 07:29 fred_pt after having a better look into it i found the log i was looking for: opac-user.pl: LDAP Auth rejected : invalid password for user 'falmeida'. LDAP error #16: LDAP_NO_SUCH_ATTRIBUTE 07:29 fred_pt ok 07:26 gaetan_B hello 07:25 cait do you know wher your koha logs are? 07:25 cait error messages might show up in the usual logs 07:23 fred_pt i need to find out why my ldap connection is not working between koha and windows server 07:23 cait fred_pt: what kind of information are you looking for? 07:22 fred_pt Does the ldap in koha writes to any log file? 07:22 cait hi marcelr :) 07:19 marcelr hi #koha 07:15 cait morning #koha 07:12 * dcook waves and peaces out for the night 07:11 fred_pt now you got me - just found i have a shell.... let's try to use it... 07:09 drojf have you tried doing it in koha-shell? (if you are on a package installation) 07:09 fred_pt i am trying to put the ldap connection between koha and windows domain controller - it works with serachldap but not with koha 07:08 drojf fred_pt: don't know what yoiu are doing, but that looks like missing environment variables 07:08 huginn` AmitG: 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6810 enhancement, P4, ---, amitddng135, Needs Signoff , Send membership expiry reminder notices 07:08 AmitG @bug 6810 07:08 AmitG can you please check 07:07 alex_a AmitG: yep 07:07 AmitG alex_a around? 07:05 fred_pt opac-user.pl userid=***** password=****** it returns Can't locate C4/Auth.pm in @INC (you may need to install the C4::Auth module) anyone knows what is this error? 07:04 drojf morning 07:02 fred_pt This ldap thing is killing my last 2 mornings... :( 07:01 wahanui the only good morning is a dead one 07:01 fred_pt Good morning 06:59 wahanui niihau, alex_a 06:59 alex_a bonjour 06:56 fred_pt Oh and the windows server doesn't accept anonymous bind. 06:54 fred_pt *post 06:54 fred_pt Can i poaste here the config i have in koha-conf.xml? 06:53 fred_pt Ok now responding to your questions: koha version 3.14.16 - the documentation was the official one on koha site and ldap with bind. 06:51 fred_pt If i try to use opac-user.pl to test like: opac-user.pl userid=***** password=****** it returns Can't locate C4/Auth.pm in @INC (you may need to install the C4::Auth module) 06:51 ashimema are you doing auth by bind? 06:50 ashimema and what documentation have you followed thus far.. 06:50 ashimema What Koha version are you using.. 06:49 fred_pt Thanks! 06:49 fred_pt Is anyone able to give me a help on this please? 06:49 fred_pt I have searched for documentation, tried several ways and if i use a tool like ldapsearch i can connect and read the user data, within koha it always fails either by saying no results returned or by saying logon error. 06:47 fred_pt I need to be able to read the domain accounts as we have +800 users and growing fast. 06:47 wahanui bonjour, reiveune 06:47 reiveune hello 06:47 fred_pt My problem is really the ldap link to my domain controller. I have spent a few hours trying to solve this but no luck, 06:46 fred_pt Thanks for the kind reply 06:45 ashimema (though it's breakfast time for me.. so I'm about to head offline for a bit for that ;) ) 06:45 ashimema ask away.. someone is likely to try and answer 06:44 fridolin hie 06:44 fred_pt Good morning everyone! Can someone please spare some minutes helping me resolve a problem with my current Koha server? 06:43 huginn` ashimema: The current temperature in Monkswood, Stevenage, United Kingdom is 15.2°C (7:43 AM BST on June 29, 2015). Conditions: Clear. Humidity: 85%. Dew Point: 13.0°C. Pressure: 30.15 in 1021 hPa (Steady). 06:43 ashimema @wunder stevenage, uk 06:43 huginn` ashimema: The current temperature in Monkswood, Stevenage, United Kingdom is 15.2°C (7:42 AM BST on June 29, 2015). Conditions: Clear. Humidity: 85%. Dew Point: 13.0°C. Pressure: 30.15 in 1021 hPa (Steady). 06:43 ashimema @wunder stevenage, il 06:03 dcook :( 06:02 magnuse nope, something failed this year, so far... 06:01 * dcook isn't sure that Bodo has figured out it's summer yet though 06:01 dcook I think we only have 2 more months of winter here... 06:01 dcook I wonder that too 06:01 huginn` dcook: The current temperature in Sydney, New South Wales is 18.0°C (3:30 PM AEST on June 29, 2015). Conditions: Scattered Clouds. Humidity: 56%. Dew Point: 9.0°C. Pressure: 30.39 in 1029 hPa (Steady). 06:01 dcook @wunder syd 06:01 huginn` magnuse: The current temperature in Bodo, Norway is 9.0°C (7:50 AM CEST on June 29, 2015). Conditions: Scattered Clouds. Humidity: 76%. Dew Point: 5.0°C. Pressure: 29.92 in 1013 hPa (Steady). 06:01 magnuse @wunder boo 06:01 * magnuse wonders how we already got to the 29th 05:55 dcook Feels like a long day :p 05:54 dcook Oh, I don't mind 05:53 * magnuse hates to be the bringer of bad news 05:52 magnuse guess it is 05:52 * magnuse waves back 05:51 * dac waves to magnuse 05:51 dac Is it already that time of day? 05:51 * magnuse waves 05:00 * dcook looks forward to the day when Koha ships with Plack by default 03:28 AmitG hi all 01:12 wizzyrea (though I'll probably have something that kind of maybe says what to do in the next day or so.) 01:11 * dcook thumbs up 01:11 huginn` wizzyrea: The operation succeeded. 01:11 wizzyrea @later tell nengard documentation suggestion: write down what to do if you make a mistake receiving serials. :) 00:42 wizzyrea valid point 00:38 dcook Hmm, could be. Might need to do something with the items too if it was made automatically? 00:38 wizzyrea I feel like you just change the status back to "expected" 00:38 wizzyrea ...I just realised that I don't know how one "un-receives" a serial. 00:34 dcook ^_^ 00:34 wizzyrea lulz. 00:34 wizzyrea many lulx. 00:33 huginn` dcook: The operation succeeded. 00:33 dcook @later tell eythian But it was the same sentiment! 00:32 huginn` eythian: The operation succeeded. 00:32 eythian @later tell dcook it did 00:32 dcook Hmm that looked generic... 00:32 huginn` dcook: The operation succeeded. 00:32 dcook @later tell pianohacker thanks :) 00:32 huginn` dcook: The operation succeeded. 00:32 dcook @later tell tcohen thanks :) 00:31 dcook O_O 00:30 eythian https://twitter.com/rpy/status/615044896123031552 00:25 wizzyrea hi