https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24539
--- Comment #23 from David Cook <dc...@prosentient.com.au> --- (In reply to mark.jaroski from comment #22) > I don't know enough about Koha to comment on internal workings, but wouldn't > you always want a session in most authentication situations? Yep. > I guess in the Shibboleth scenario you don't need a session because every > request comes with the server variable or header, but for things like > OpenID-Connect you don't want to do the handshake for every page load. I haven't used the built-in Koha Shibboleth integration. I've implemented my own custom Koha Shibboleth integration, so I can't comment on how Koha does it by default. But I just do a once off call to the SAML IdP, create a Koha session, and then use that from there on out. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/