https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15428
--- Comment #19 from David Cook <dc...@prosentient.com.au> --- (In reply to Katrin Fischer from comment #18) > But how do we know if it's an OPAC or a staff side cookie? Maybe naming the > cookies differently and by that allowing to really have separate sessions > independent of setup would be better. Yes that's what I was thinking. We're replace CGISESSID with KOHA_OPAC_SESSID and KOHA_STAFF_SESSID or something like that, and then depending on where the auth is being initiated the appropriate cookie name would be looked up. (That said, I think that might get complicated with the API...so something to investigate further.) > One reason to use ports is to block access to the staff interface in a > firewall. It's a valid configuration option. You mean using access control lists in a firewall? That's true. I suppose that using different ports would be the only way to do it with that setup. I often suggest restricting by IP address at the HTTP/application layer, since it's easy to due on a per-host basis, but there's certainly advantages to restricting access at lower OSI layers. It's good to know that there are other folk out there restricting access to their staff interface. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/