AuthProxy support for barcode-based login
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Evergreen |
Fix Released
|
Medium
|
Unassigned | ||
2.3 |
Fix Released
|
Undecided
|
Unassigned | ||
2.4 |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
If a user attempts to log in the catalog with a barcode, any AuthProxy authenticators, except the "native" authenticator will fail, the assumption being that the remote authenticator knows nothing about barcodes. This isn't normally a problem, as logging in with remote credentials (e.g. LDAP) usually implies logging in with your username. This does become a problem, however, when usernames and barcodes are identical in a system (say, by policy) and the usernames start with a number, which is the default "i am a barcode" regex for TPAC/JSPAC. In this case, the catalog always attempts a barcode login and AuthProxy always ignores the remote authenticators.
Incidentally, if username == barcode, using a barcode regex will obviously not suffice to differentiate between the two.
My proposal: When a barcode-based login is attempted in open-ils.
tags: | added: pullrequest |
Changed in evergreen: | |
status: | New → Triaged |
importance: | Undecided → Medium |
Changed in evergreen: | |
status: | Fix Committed → Fix Released |
Since it only required a few lines of code, I've pushed an implementation for review to :
working/ user/berick/ lp1203753- authproxy- barcode- login