On Wed, Aug 20, 2003 at 12:15:40PM +0200, Matthias & Melanie Kasimir <wahr@epost.de> said:
Hi Owen, hello koha-gurus!
I don't care how koha "knows" who is authenticated, but it must be persistent between pages of the librarian's module. I wondered what reason the cookies were set for all the time, because one can safely assume that lots of users switch off cookies. Therefore I would appreciate an authentification scheme whithout cookies, but I do not know how to switch it on.
Hi Guys Koha will check for basic http authentication as well as for a cookie. So you can set up http authentication anyway you like. What we do at HLT is use Apache::AuthDBI to authenticate against table in the koha database. Heres the code in the httpd.conf <Location /> AuthName Koha AuthType Basic PerlModule Apache::AuthDBI #authenticate via DBI PerlAuthenHandler Apache::AuthDBI::authen PerlSetVar Auth_DBI_encrypted on PerlSetVar Auth_DBI_data_source DBI:mysql:koha2:localhost PerlSetVar Auth_DBI_username hidden PerlSetVar Auth_DBI_password hidden #DBI->connect($data_source, $username, $password) PerlSetVar Auth_DBI_pwd_table users PerlSetVar Auth_DBI_uid_field username PerlSetVar Auth_DBI_pwd_field password #SELECT pwd_field FROM pwd_table WHERE uid_field=$user require valid-user </Location> Koha is set up to work with cookies, or with http authentication, it was set up that way on purpose so that those who dont want to use cookies dont have to. Cookies are useful because you can implement a logout. Whereas with http authentication, the browser caches the users username and password, and you need to quit the browser to get it to forget. Which is fine for librarians computers, and for home users using the opac, but for the opac machines in the library, its good for the users to be able to log themselves out. Chris -- Chris Cormack Programmer 027 4500 789 Katipo Communications Ltd chris@katipo.co.nz www.katipo.co.nz