Hello to all list members, The Intranet area of the Koha website has username + password protection for authentication and authorisation. Is the same available for the OPAC, thereby rendering the P in OPAC to "Private" instead of "Public"? I would think that this would be a common and widespread requirement for the OPAC. For example, a private collection has been put online at a dedicated remote hosting service but the content should not be publicly accessible. One option of course is to use htpasswd and a config section in Apache to restrict access to the OPAC. But this would entail maintaining two access lists: one in a text file for htpasswd and another in the Koha database. We require one single authentication and authorisation scheme, not several. Can password access for the OPAC simply be "turned on"? If not, would I have to copy the existing password/cookie functionality as found in the intranet scripts into the OPAC scripts? cheers rickw -- _________________________________ Rick Welykochy || Praxis Services If we don't succeed, we run the risk of failure. -- Bill Clinton, President
On 7/06/2007, at 2:32 PM, Rick Welykochy wrote:
Hello to all list members,
Can password access for the OPAC simply be "turned on"?
Not quite that easy
If not, would I have to copy the existing password/cookie functionality as found in the intranet scripts into the OPAC scripts?
But not that hard either, its already all there in all the scripts, all you need to do is take a look at the scripts you want passworded, for eg opac-main.pl In 2.2.9 line 34 You will see authnotrequired => 1, Flick that to 0, and bang, you will be asked for a password on that page. If you really wanted to, and this would be cool, you could make a system preference, that then each of the scripts could check, and turn authnotrequired to 0 if its switched on. Theres only a few opac scripts to touch, and adding the syspref shouldnt take long. Chris -- Chris Cormack chris.cormack@liblime.com VP Research and Development www.liblime.com LibLime +64 21 542 131
Chris Cormack wrote:
But not that hard either, its already all there in all the scripts, all you need to do is take a look at the scripts you want passworded, for eg opac-main.pl
In 2.2.9 line 34
You will see authnotrequired => 1,
Flick that to 0, and bang, you will be asked for a password on that page.
The flick did the trick. Thanks Chris. cheers rickw -- _________________________________ Rick Welykochy || Praxis Services We are ready for any unforeseen event that may or may not occur. -- Al Gore, Vice President
participants (2)
-
Chris Cormack -
Rick Welykochy