Dear Sir Joel and the rest of the community, Really appreciate your feedback on this matter. As you have said using SAML would be the best option for our use case, still won't create accounts on the fly. Since our use case is eagerly in need of creating accounts in Koha through google authentication on the fly, just like when you log-in to Lazada, Cincopa, Interverser and a like that uses google authentication. https://www.lazada.com.ph/customer/account/create/?referer=%2F https://www.cincopa.com/login.aspx https://my.interserver.net/login.php Bob mentioned in the previous comment, that Koha's circulation rules are based on branch code and patron category. What I am thinking if possible to set a default library branch and patron category when logging in using google authentication so that it will create accounts on the fly! I believe this is out of the capability of Koha as of the moment, that is why I am requesting the community to develop our use case if possible. I'm not really sure how it works, with regards to who will develop and the development process and about the funding. As per my team initial discussion, we will fund this project/development once we have the quotation and discuss it over with the management if they are amenable with the development and with the pricing. On behalf of my team, I am humbly requesting the community if there is someone who is willing to develop our use case. Hope for your kind and consideration for our request. Looking forward to this! On Mon, May 2, 2016 at 10:31 PM, Coehoorn, Joel <jcoehoorn@york.edu> wrote:
When I first read this, I was thinking from the standpoint of an institutional library that issues e-mail accounts via one of the Google Apps for My Domain programs (ie: Google Apps for Ed/Gov/Work). Otherwise, it seems like you're favoring one kind of e-mail account that, while popular, still only accounts for a small fraction of potential users.
With an institutional Google Apps domain, it is possible now to set up the domain as a SAML identity provider, and set up Koha as a saml service provider (via Shibboleth <https://wiki.koha-community.org/wiki/Shibboleth_Configuration>) that will trust the Google Apps domain. This still won't create accounts on the fly, but in this context you have an authoritative source of users you could periodically batch-preload into Koha. Incidentally, reading the original bug report for 10988, this configuration would also completely satisfy that use case. Oauth support is useful for it's own merits, but saml is probably the better choice in the context of allowing users within an institution to log in to both services via a single account. Oauth is better when you are allowing users from outside the institution.
Joel Coehoorn Director of Information Technology 402.363.5603 *jcoehoorn@york.edu <jcoehoorn@york.edu>*
The mission of York College is to transform lives through Christ-centered education and to equip students for lifelong service to God, family, and society
On Mon, May 2, 2016 at 6:41 AM, Jerwyn <os.jerwynfernandez@gmail.com> wrote:
Dear Bob,
Thanks for writing in!
Your response enlightened us more about google authentication.
It seems like that our use case is not possible with what Koha is capable of, at the moment.
Thank you so much again and have a nice day ahead!
-- View this message in context: http://koha.1045719.n5.nabble.com/Google-Authentication-to-all-gmail-account... Sent from the Koha-general mailing list archive at Nabble.com. _______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz https://lists.katipo.co.nz/mailman/listinfo/koha
-- - Jerwyn Fernandez, RL Koha Support Specialist OS Library Solutions (63) 9336734607 (02) 7383209