https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38815
Bug ID: 38815
Summary: Optionally block local login of accounts set for SSO
Change sponsored?: ---
Product: Koha
Version: Main
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
Bug 18506 added the ability to completely prevent local login (login using the
koha username and password) when using SSO, but many libraries using SSO find
it necessary to allow local login for some users or situations -- community
borrowers at an academic library, support vendors who lack SSO credentials,
etc.
If both SSO and local login must be allowed, libraries want to ensure that any
given account can only log in one way -- if your account can authenticate via
SSO, you should not be able to authenticate via local login. Libraries enforce
this by setting NULL passwords in Koha on accounts using SSO, but at the very
least any superlibrarian is able to change that password.
It would be helpful to be able to flag an account as "SSO only" and thereby
force Koha to null the password and keep it null, hiding the Change Password
button and the password field from patron edit.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
