[Koha] Subject: SIP2 AF field sent even if patron password is invalid
Kyle Hall
kyle.m.hall at gmail.com
Wed Jul 30 22:03:39 NZST 2014
This isn't really the same issue, but I did leave a comment on your bug
report.
Kyle
http://www.kylehall.info
ByWater Solutions ( http://bywatersolutions.com )
Meadville Public Library ( http://www.meadvillelibrary.org )
Crawford County Federated Library System ( http://www.ccfls.org )
Mill Run Technology Solutions ( http://millruntech.com )
On Tue, Jul 29, 2014 at 6:56 PM, BRANNON, CHRISTOPHER <
CBRANNON at cdalibrary.org> wrote:
> I have an interesting SIP2 implementation issue. When authenticating
> through SIP2, if a valid patron id is passed in, but an *invalid* password
> is passed in, Koha's SIP2 server send back the AF ( screen message ) field
> even though the credentials are invalid. If a patron owes any fees, the
> server will send back the amount owed in an AF field.
>
> For instance, Overdrive will display this AF field even with an invalid
> password. Freegal does not ( but it may not display any AF field ). At
> least one SIP2 machine we tested against will also display the AF field
> when an invalid password is submitted.
>
> Is this a Koha issue, or a client side issue? The SIP2 protocol
> specification does not indicate that AF fields should be removed in the
> event of an invalid password. My guess is that some SIP2 server
> implementations may send back "Invalid password" messages which may be
> useful.
>
> Kyle
>
> Kyle, I filed a bug back in April related to this issue. It hasn't been
> touched yet.
>
> http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12126
>
> Christopher
> _______________________________________________
> Koha mailing list http://koha-community.org
> Koha at lists.katipo.co.nz
> http://lists.katipo.co.nz/mailman/listinfo/koha
>
More information about the Koha
mailing list