Re: [Koha] koha still requiring constant login/authentification
I wasn't paying very close attention to this thread because we haven't seen problems with cookies and can't get cookie-based authentication working in the 2.0.0-pre2-R2 intranet anyway. But today I realized that users of Internet Explorer 5.5 and 6 (Windows) are not retaining their home branch/printer settings. I've checked Explorer's security settings in both cases and confirmed that the browser *should* be accepting the cookies. And I've checked for the cookie in Explorer's cookies folder and found nothing. Could there be a problem with the way Koha sets cookies in general? Something quirky about how Internet Explorer treats the cookies Koha tries to set? I wonder if there's a tool for viewing current per-session cookies in Explorer? -- Owen ---- Nelsonville Public Library Koha 2.0.0-pre2-R2
Hi Owen, hello koha-gurus! I don't care how koha "knows" who is authenticated, but it must be persistent between pages of the librarian's module. I wondered what reason the cookies were set for all the time, because one can safely assume that lots of users switch off cookies. Therefore I would appreciate an authentification scheme whithout cookies, but I do not know how to switch it on. Does the new version of koha (2.0.x) not have any authentification- related problems? If that is true I would just suffer the ordeal of installing koha once again and install that version. Production work was not possible with this version anyway, since no one logs in at every screen when not held at gunpoint.
I wasn't paying very close attention to this thread because we haven't seen problems with cookies and can't get cookie-based authentication working in the 2.0.0-pre2-R2 intranet anyway. But today I realized that users of Internet Explorer 5.5 and 6 (Windows) are not retaining their home branch/printer settings. I've checked Explorer's security settings in both cases and confirmed that the browser *should* be accepting the cookies. And I've checked for the cookie in Explorer's cookies folder and found nothing.
I configured IE6 and Mozilla 1.4 to accept cookies for a test. It did not help.
Could there be a problem with the way Koha sets cookies in general? Something quirky about how Internet Explorer treats the cookies Koha tries to set? I wonder if there's a tool for viewing current per-session cookies in Explorer?
Being new to koha and cookie-problems I do not know and pass this question to the gurus. Thanks for all suggestions and help! Mat
On Wed, Aug 20, 2003 at 12:15:40PM +0200, Matthias & Melanie Kasimir <wahr@epost.de> said:
Hi Owen, hello koha-gurus!
I don't care how koha "knows" who is authenticated, but it must be persistent between pages of the librarian's module. I wondered what reason the cookies were set for all the time, because one can safely assume that lots of users switch off cookies. Therefore I would appreciate an authentification scheme whithout cookies, but I do not know how to switch it on.
Hi Guys Koha will check for basic http authentication as well as for a cookie. So you can set up http authentication anyway you like. What we do at HLT is use Apache::AuthDBI to authenticate against table in the koha database. Heres the code in the httpd.conf <Location /> AuthName Koha AuthType Basic PerlModule Apache::AuthDBI #authenticate via DBI PerlAuthenHandler Apache::AuthDBI::authen PerlSetVar Auth_DBI_encrypted on PerlSetVar Auth_DBI_data_source DBI:mysql:koha2:localhost PerlSetVar Auth_DBI_username hidden PerlSetVar Auth_DBI_password hidden #DBI->connect($data_source, $username, $password) PerlSetVar Auth_DBI_pwd_table users PerlSetVar Auth_DBI_uid_field username PerlSetVar Auth_DBI_pwd_field password #SELECT pwd_field FROM pwd_table WHERE uid_field=$user require valid-user </Location> Koha is set up to work with cookies, or with http authentication, it was set up that way on purpose so that those who dont want to use cookies dont have to. Cookies are useful because you can implement a logout. Whereas with http authentication, the browser caches the users username and password, and you need to quit the browser to get it to forget. Which is fine for librarians computers, and for home users using the opac, but for the opac machines in the library, its good for the users to be able to log themselves out. Chris -- Chris Cormack Programmer 027 4500 789 Katipo Communications Ltd chris@katipo.co.nz www.katipo.co.nz
Hi Chris, I do very much appreciate your help. Since I am new to koha (just had it installed for us), it will take some time for me to chew on your answer. You can be sure that I will try it and report as to the effect of any changes I make. Does it make sense to wait and install koha 2.0.x once it is out? Or will it be as difficult as installing 1.2.3, so I should stick to what is already installed? Or is it easy normally an I just screwed up and made it more complicated than it is? I did not expect a point- and-click installation, but something like extract *.tgz and run configure-script, then make and make-install and go. One other thing to consider is, wether the migration of data entered in 1.2.3 to 2.0.x will be straightforward for unxeperienced users. If not, we better refrain from entering any data and wait till 2.0.x.
Koha will check for basic http authentication as well as for a cookie. So you can set up http authentication anyway you like.
Aha? 1) This still seems not to explain why koha does not accept one authentification in one session. 2) Or does it explain, because my browsers reject koha's cookie in some way unknown to me, although it is configured to accept cookies. 3) Or is the cookie not sent to the browser in the first place?
What we do at HLT is use Apache::AuthDBI to authenticate against table in the koha database. Heres the code in the httpd.conf
Can I just paste the code into httpd.conf and expect it to work?
Koha is set up to work with cookies, or with http authentication, it was set up that way on purpose so that those who dont want to use cookies dont have to. Cookies are useful because you can implement a logout. Whereas with http authentication, the browser caches the users username and password, and you need to quit the browser to get it to forget. Which is fine for librarians computers, and for home users using the opac, but for the opac machines in the library, its good for the users to be able to log themselves out.
Good to have the options! Btw: Does koha generate barcodes for printout on labels or do I need a special program to do this? Greetings from northern Germany, Matthias _______________________________________________________ Wollt Ihr weiterhin die Kontrolle über Euren Rechner haben? Dann wehrt Euch und boykottiert Produkte der TCPA-Mitglieder! Info zur "Treacherous Computing Platform Alliance": http://www.againsttcpa.com/ http://kasimir.org/
On Thu, Aug 21, 2003 at 06:02:32PM +0200, Matthias & Melanie Kasimir <wahr@epost.de> said:
Hi Chris,
Hi Matthias
I do very much appreciate your help. Since I am new to koha (just had it installed for us), it will take some time for me to chew on your answer. You can be sure that I will try it and report as to the effect of any changes I make.
Excellent thats great.
Does it make sense to wait and install koha 2.0.x once it is out? Or will it be as difficult as installing 1.2.3, so I should stick to what is already installed? Or is it easy normally an I just screwed up and made it more complicated than it is? I did not expect a point- and-click installation, but something like extract *.tgz and run configure-script, then make and make-install and go.
Id wait and go for 2.0 when it is out, it has a lot of new features, and quite a few bug fixes from 1.2.3. And should be as easy as tar xzvf koha-2.0.0.tar.gz cd koha-2.0.0 ./installer.pl (Thats the plan anyway:-))
One other thing to consider is, wether the migration of data entered in 1.2.3 to 2.0.x will be straightforward for unxeperienced users. If not, we better refrain from entering any data and wait till 2.0.x.
We will write a script to migrate the data. The actual data that is in 1.2.3 doesnt change structure for 2.0.0 but there are a whole lot of new tables to populate. Mostly the MARC tables. So we will have the upgrade script do this for you automatically.
Koha will check for basic http authentication as well as for a cookie. So you can set up http authentication anyway you like.
Aha?
1) This still seems not to explain why koha does not accept one authentification in one session.
2) Or does it explain, because my browsers reject koha's cookie in some way unknown to me, although it is configured to accept cookies.
3) Or is the cookie not sent to the browser in the first place?
Its either 2 or 3 :-) If I get a chance over the weekend ill install a 1.2.3 install from scratch and check it out for you.
What we do at HLT is use Apache::AuthDBI to authenticate against table in the koha database. Heres the code in the httpd.conf
Can I just paste the code into httpd.conf and expect it to work?
Ahh nope, You will need to make the users table, and populate, and install the Apache::AuthDBI module for it to work. What I would do is just try it out with a simple .htaccess , .htpasswd and .htgroup files .. I can step you through setting that up if you like?
Btw: Does koha generate barcodes for printout on labels or do I need a special program to do this?
Ahh nope Koha wont do this, lots of people have recommended Kbarcode as a good program to do this.
Greetings from northern Germany,
And Kia Ora, from about the middle of NZ :-) Chris -- Chris Cormack Programmer 027 4500 789 Katipo Communications Ltd chris@katipo.co.nz www.katipo.co.nz
participants (3)
-
Chris Cormack -
Matthias & Melanie Kasimir <wahr@epost.de> -
Owen Leonard