[Koha] Connecting KOHA patron information to website login

[Joe Atzberger]

Ian, the solution to your problem may be to consolidate the other points of
authentication, if not actually, than using something like an LDAP proxy:
http://symlabs.com/products/ldap-proxy

In my estimation, Koha will not be becoming an LDAP server anytime soon
(probably never).  LDAP is a flexible, extensible protocol with widely
varying implementations and expectations in the wild.  A robust
implementation has to handle all kinds of things that Koha has never dealt
with, like SSL encryption, certificate authentication, system expectations
about the local certificate(s), LDIF file format, X.500 data, etc.  Take
your pick of RFCs: 1487, 2252, 1823, 1789, 1777... actually, too many to
list.  Try here <http://www.bind9.net/rfc-ldap>.

Even directly copying from Apache's LDAP code, implementation would still
take hundreds of manhours at a minimum, including a great deal of testing.
Of course the Apache code was not written in perl anyway.  It is safe to say
that this would be larger than *any* other Koha project currently
commissioned or proposed.  And have you looked at our Auth.pm code lately?
We have enough trouble keeping that clean without introducing layers of
added complexity.

Melanie, to answer the original question, existing hardware and software use
the SIP2 protocol to authenticate patrons, which Koha implements well.  This
is the "correct" existing mechanism to use, though I'd assume there is no
Joomla module for SIP.  That shouldn't be a huge deal, since SIP is fairly
easy to hack and you would only need to use one command, and interpret one
response.  By contrast to the burden of reimplementation an LDAP server, an
experienced Joomla coder could probably produce the SIP Auth script in one
afternoon.

-- 
Joe Atzberger
LibLime - Open Source Library Solutions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.katipo.co.nz/pipermail/koha/attachments/20090715/37b0f882/attachment-0001.htm