(Koha 3.0 alpha, Gentoo Linux 2.6.24, MySQL 5.0.54) I'm running the Koha OPAC on port 3333 on my website, and the Intranet on port 3334. Unfortunately (if I understand the rules for cookies correctly) it's not possible to have a cookie segregated to a certain website and a certain port number. As a result, I can't login and access both the Intarnet and OPAC site on the same browser. For instance if I login as "kohaadmin" on the Intranet (port 3334), then login as "adams" on the OPAC (port 3333), the first cookie will be overwritten, and the Intranet site will complain that I'm now logged in as a non-administrative user (adams). Right now, I've taken to accessing the Intranet on Firefox and the OPAC on MSIE to keep my logins separate. But could this problem be solved if Koha used different cookie names for the two different sections? e.g. instead of using CGISESSID everywhere, maybe use KOHAINET as the cookie name for the Intranet and KOHAOPAC for the OPAC site? Is this worth submitting an enhancement request over?
I'm running the Koha OPAC on port 3333 on my website, and the Intranet on port 3334. Unfortunately (if I understand the rules for cookies correctly) it's not possible to have a cookie segregated to a certain website and a certain port number.
This is correct.
As a result, I can't login and access both the Intarnet and OPAC site on the same browser. For instance if I login as "kohaadmin" on the Intranet (port 3334), then login as "adams" on the OPAC (port 3333), the first cookie will be overwritten, and the Intranet site will complain that I'm now logged in as a non-administrative user (adams).
A possible workaround for this is to give adams superlibrarian rights.
Right now, I've taken to accessing the Intranet on Firefox and the OPAC on MSIE to keep my logins separate. But could this problem be solved if Koha used different cookie names for the two different sections? e.g. instead of using CGISESSID everywhere, maybe use KOHAINET as the cookie name for the Intranet and KOHAOPAC for the OPAC site?
Is this worth submitting an enhancement request over?
Possibly, but the usual solution would be vhosts (http://staff/ would be your intranet, http://opac/, your OPAC). -- Jesse
On 2/29/08, Jesse <pianohacker@gmail.com> wrote:
I'm running the Koha OPAC on port 3333 on my website, and the Intranet on port 3334. Unfortunately (if I understand the rules for cookies correctly) it's not possible to have a cookie segregated to a certain website and a certain port number.
This is correct.
As a result, I can't login and access both the Intarnet and OPAC site on
the same browser. For instance if I login as "kohaadmin" on the Intranet (port 3334), then login as "adams" on the OPAC (port 3333), the first cookie will be overwritten, and the Intranet site will complain that I'm now logged in as a non-administrative user (adams).
A possible workaround for this is to give adams superlibrarian rights.
Right now, I've taken to accessing the Intranet on Firefox and the OPAC on MSIE to keep my logins separate. But could this problem be solved if Koha used different cookie names for the two different sections? e.g. instead of using CGISESSID everywhere, maybe use KOHAINET as the cookie name for the Intranet and KOHAOPAC for the OPAC site?
I agree this is a great idea ... does anyone have any objections to making that small change? Cheers, -- Joshua Ferraro SUPPORT FOR OPEN-SOURCE SOFTWARE CEO migration, training, maintenance, support LibLime Featuring Koha Open-Source ILS jmf@liblime.com |Full Demos at http://liblime.com/koha |1(888)KohaILS
On Fri, Feb 29, 2008 at 6:49 PM, Joshua Ferraro <jmf@liblime.com> wrote:
On 2/29/08, Jesse <pianohacker@gmail.com> wrote:
I'm running the Koha OPAC on port 3333 on my website, and the Intranet on port 3334. Unfortunately (if I understand the rules for cookies correctly) it's not possible to have a cookie segregated to a certain website and a certain port number.
This is correct.
As a result, I can't login and access both the Intarnet and OPAC site on
the same browser. For instance if I login as "kohaadmin" on the Intranet (port 3334), then login as "adams" on the OPAC (port 3333), the first cookie will be overwritten, and the Intranet site will complain that I'm now logged in as a non-administrative user (adams).
A possible workaround for this is to give adams superlibrarian rights.
Right now, I've taken to accessing the Intranet on Firefox and the OPAC on MSIE to keep my logins separate. But could this problem be solved if Koha used different cookie names for the two different sections? e.g. instead of using CGISESSID everywhere, maybe use KOHAINET as the cookie name for the Intranet and KOHAOPAC for the OPAC site?
I agree this is a great idea ... does anyone have any objections to making that small change?
Go for it! -- Chris Nighswonger Faculty Member Network & Systems Director Foundations Bible College & Seminary www.foundations.edu www.fbcradio.org
On Fri, Feb 29, 2008 at 4:38 PM, Jesse <pianohacker@gmail.com> wrote:
Right now, I've taken to accessing the Intranet on Firefox and the OPAC on
MSIE to keep my logins separate. But could this problem be solved if Koha used different cookie names for the two different sections? e.g. instead of using CGISESSID everywhere, maybe use KOHAINET as the cookie name for the Intranet and KOHAOPAC for the OPAC site?
Is this worth submitting an enhancement request over?
Possibly, but the usual solution would be vhosts (http://staff/ would be your intranet, http://opac/, your OPAC).
Specifically, using name-based VirtualHosts or variously named VirtualHosts on different interfaces (IPs) would put the two cookies into different namespaces, so they would not conflict in any browser (in fact, they would be protected from cross-site access, since to the browser they would be different sites). But your idea about keeping the cookies separately named is a good one. --Joe Atzberger
participants (5)
-
Chris Nighswonger -
George Adams -
Jesse -
Joe Atzberger -
Joshua Ferraro