2022-11-17 15:04:01 |
Galen Charlton |
bug |
|
|
added bug |
2022-11-17 15:04:16 |
Galen Charlton |
evergreen: importance |
Undecided |
Medium |
|
2022-11-17 15:13:36 |
Galen Charlton |
tags |
|
authentication pullrequest |
|
2022-12-01 19:46:45 |
Galen Charlton |
summary |
OpenILS::WWW::Proxy::Authen should accept eg2's auth token |
Various mod_perl handlers should accept eg2's auth token |
|
2022-12-01 19:47:11 |
Galen Charlton |
description |
The Apache authentication handler OpenILS::WWW::Proxy::Authen currently expects that the authentication session will be passed to it only via a 'ses' URL parameter or a 'ses' cookie. However, it should also be taught to accept the web-based staff client's eg.auth.token cookie.
That way, any resources that are guarded by this handler (such as print overdue notices or a direct like to reporter output) can be directly used if the user has already logged in to the staff client. |
The Apache authentication handler OpenILS::WWW::Proxy::Authen and other mod_perl handlers (e.g., for bib export) currently expect that the authentication session will be passed to it only via a 'ses' URL parameter or a 'ses' cookie. However, it should also be taught to accept the web-based staff client's eg.auth.token cookie.
That way, any resources that are guarded by this handler (such as print overdue notices or a direct like to reporter output) can be directly used if the user has already logged in to the staff client. |
|
2022-12-01 19:47:56 |
Galen Charlton |
description |
The Apache authentication handler OpenILS::WWW::Proxy::Authen and other mod_perl handlers (e.g., for bib export) currently expect that the authentication session will be passed to it only via a 'ses' URL parameter or a 'ses' cookie. However, it should also be taught to accept the web-based staff client's eg.auth.token cookie.
That way, any resources that are guarded by this handler (such as print overdue notices or a direct like to reporter output) can be directly used if the user has already logged in to the staff client. |
The Apache authentication handler OpenILS::WWW::Proxy::Authen and other mod_perl handlers (e.g., for bib export) currently expect that the authentication session will be passed to it only via a 'ses' URL parameter or a 'ses' cookie. However, it should also be taught to accept the web-based staff client's eg.auth.token cookie.
That way, any resources that are guarded by the OpenILS::WWW::Proxy::Authen handler (such as print overdue notices or a direct link to reporter output) can be directly used if the user has already logged in to the staff client. Ditto for resources (other than TPAC) that have their own Perl handlers. |
|
2023-03-05 20:15:59 |
Jason Boyer |
evergreen: status |
New |
Fix Committed |
|
2023-03-05 20:16:44 |
Jason Boyer |
nominated for series |
|
evergreen/3.9 |
|
2023-03-05 20:16:44 |
Jason Boyer |
bug task added |
|
evergreen/3.9 |
|
2023-03-05 20:16:44 |
Jason Boyer |
nominated for series |
|
evergreen/3.10 |
|
2023-03-05 20:16:44 |
Jason Boyer |
bug task added |
|
evergreen/3.10 |
|
2023-03-05 20:16:52 |
Jason Boyer |
evergreen: milestone |
|
3.11-beta |
|
2023-03-05 20:16:56 |
Jason Boyer |
evergreen/3.10: milestone |
|
3.10.1 |
|
2023-03-05 20:16:57 |
Jason Boyer |
evergreen/3.9: milestone |
|
3.9.2 |
|
2023-03-05 20:17:02 |
Jason Boyer |
evergreen/3.10: importance |
Undecided |
Medium |
|
2023-03-05 20:17:03 |
Jason Boyer |
evergreen/3.9: importance |
Undecided |
Medium |
|
2023-03-05 20:17:12 |
Jason Boyer |
evergreen/3.10: status |
New |
Fix Committed |
|
2023-03-05 20:17:14 |
Jason Boyer |
evergreen/3.9: status |
New |
Fix Committed |
|
2023-03-27 16:09:56 |
Evergreen Bug Maintenance |
evergreen: milestone |
3.11-beta |
|
|
2023-03-27 16:09:58 |
Evergreen Bug Maintenance |
evergreen/3.10: status |
Fix Committed |
Fix Released |
|
2023-03-27 16:10:00 |
Evergreen Bug Maintenance |
evergreen/3.9: status |
Fix Committed |
Fix Released |
|
2023-03-27 16:10:02 |
Evergreen Bug Maintenance |
evergreen: status |
Fix Committed |
Fix Released |
|