Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Main Koha release repository https://koha-community.org
22571 commits 35 branches 612 tags 1.8 GiB
Perl 45.3%
JavaScript 39.4%
HTML 7.2%
XSLT 3.9%
Vue 1.4%
Other 2.3%
Find a file
Robin Sheat 519149a6c7 Bug 9165: Prevent LDAP passwords being stored locally 
This adds a configuration option to LDAP that prevents it from storing
user's passwords in the local database. This is useful when users of
hosted Koha wish to prevent any form of offsite password storage for
security reasons.

Notes:
 * if the option is not included in the koha-conf.xml file, then the
   current default behaviour of saving the password locally is retained.
 * this has no impact on passwords that are already in the database.
   They will not be erased.

To use:
 * edit the koha-conf.xml for a system that uses LDAP for
   authentication.
 * in the <ldapserver> configuration, add:
   <update_password>0</update_password>
 * feel a greater sense of security.

To test:
 1) have a Koha system that authenticates using LDAP.
 2) note that when a user logs in, their password is saved (hashed) in
    the database.
 2.5) it is important to note that, for whatever reason, a user's
      password is not stored on a login where their account is created,
      only when they log in after being created. Thus perhaps log in and
      log out a couple of times to be sure.
 3) add the <update_password>0</update_password> option to the
    <ldapserver> section of koha-conf.xml.
 4) login with a new user (or erase the password from the database for
    an existing user) and note that the password field is not populated.
 5) log out and log back in just to be sure, check the password field
    again.

Sponsored-By: National Institute of Water and Atmospheric Research (NIWA)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2014-11-27 14:57:49 -03:00
acqui Bug 12775: Suggestions should be ordered by anyone 2014-11-21 16:13:27 -03:00
admin Bug 9043: The comma (,) should be kept to separate multi-valuated prefs 2014-11-17 14:49:59 -03:00
authorities Bug 12573: Use correct comparison for comparing strings 2014-10-28 10:44:21 -03:00
basket Bug 9530 making changes to basket/sendbasket.pl 2014-10-27 10:38:20 -03:00
C4 Bug 9165: Prevent LDAP passwords being stored locally 2014-11-27 14:57:49 -03:00
catalogue Bug 13151 - staff marc preview not wrapping 2014-11-21 15:04:00 -03:00
cataloguing Bug 13223: Plugin housekeeping: do not redefine wrapper 2014-11-19 13:28:08 -03:00
circ Bug 13297 - Shelving location PROC does not work according to manual 2014-11-23 10:11:28 -03:00
course_reserves Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
debian Bug 12856: koha-disable fails without disabling site 2014-11-27 11:42:03 -03:00
docs Bug 7143 : Updating history and about page 2014-11-19 13:30:12 -03:00
errors Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
etc Bug 13157: (QA followup) homebranch is 995$b on UNIMARC frameworks 2014-11-25 15:27:12 -03:00
install_misc Bug 12068 - label-create-pdf.pl Add support for RTL language 2014-10-21 16:14:57 -03:00
installer Bug 13147: Update German web installer files for 3.18 2014-11-27 10:50:45 -03:00
Koha Bug 13242: Remove warning if no parameter given 2014-11-26 11:17:08 -03:00
koha-tmpl Bug 13215: Fix notice deletion 2014-11-27 11:42:21 -03:00
labels Bug 11614: Untranslatable label_element_title in label management 2014-08-19 09:42:42 -03:00
members Bug 12865 - 'Pay amount toward all fines' does not record payment note 2014-11-25 16:38:46 -03:00
misc Fix errors on Korean translation files 2014-11-27 14:20:46 -03:00
offline_circ Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
opac Bug 13329: Fix create a suggestion at the OPAC 2014-11-25 15:24:21 -03:00
OpenILS Bug 9239 QA follow-up: remove stray debug code 2013-03-16 21:32:34 -04:00
patron_lists Bug 10565: (follow-up) add new user permission for patron list management 2013-10-14 22:43:03 +00:00
patroncards Bug 5502 - Patron card category search field should be menu 2014-08-10 09:30:47 -03:00
plugins Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
reports Bug 13141: Add ability for biblio_framework to be a dropdown in Guided Reports 2014-10-31 13:14:59 -03:00
reserve Bug 13116 [QA Followup] - Remove tabs, use unless instead of if 2014-11-12 11:23:45 -03:00
reviews Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
rotating_collections Bug 8836 [QA Followup] - Sort transfer branches alphabetically 2014-11-06 15:12:20 -03:00
selenium Adding selenium tests for filterMembers 2009-09-30 11:30:37 +02:00
serials Bug 12536 - Incorrect number of irregularity issues 2014-11-25 16:11:02 -03:00
services Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
skel Bug 11078: Add locking to rebuild_zebra 2014-02-28 22:21:41 +00:00
sms Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
suggestion Bug 12627: Fix default values 2014-11-07 15:17:10 -03:00
svc Bug 13215: The same letter code can be used for several libraries 2014-11-27 11:42:14 -03:00
t Bug 12831: (RM followup) regression test 2014-11-27 14:45:11 -03:00
tags Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
test Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
tmp/modified_authorities
tools Bug 13215: (follow-up) Fix notice edition 2014-11-27 11:42:24 -03:00
virtualshelves Bug 9530 making changes to virtualshelves/sendshelf.pl 2014-10-27 10:38:25 -03:00
xt Bug 13199: follow up to fix Licence and some koha-qa errors 2014-11-20 09:47:54 -03:00
.editorconfig Bug 12545: Add EditorConfig.org file to the source tree 2014-08-22 11:07:45 -03:00
.htaccess
.mailmap Bug 13314: Follow-up for m.de.rooy in .mailmap 2014-11-26 11:16:18 -03:00
about.pl Bug 13140: Add a notice on the About page about GRS-1 deprecated 2014-10-27 11:24:09 -03:00
changelanguage.pl Bug 6755 Problems with switching languages 2011-09-23 09:47:09 +12:00
edithelp.pl
fix-perl-path.PL
help.pl
INSTALL Bug 7759, update of install files to use background indexing (and some whitespace tidy) 2012-04-20 16:11:52 +02:00
install-CPAN.pl Bug 5370: Fix all the references to koha.org 2010-11-08 09:41:49 +13:00
INSTALL.debian Bug 8092 follow-up: Add optional dependency on CHI 2012-06-09 13:08:18 +02:00
INSTALL.fedora7 Bug 11757: remove dependency on POE 2014-02-15 01:38:15 +00:00
INSTALL.opensuse Bug 11757: remove dependency on POE 2014-02-15 01:38:15 +00:00
INSTALL.ubuntu Bug 7764: (follow-up) editorial tweaks 2013-10-04 16:27:55 +00:00
koha_perl_deps.pl bug 10548: fix count of missing required dependencies by koha_perl_deps.pl 2013-07-11 14:03:32 +00:00
kohaversion.pl Bug 12298: DBRev 3.17.00.060 2014-11-25 17:28:47 -03:00
LICENSE
mainpage.pl Bug 11349: Change .tmpl -> .tt in scripts using templates 2014-07-17 11:05:49 -03:00
Makefile.PL Bug 12651: DOM indexing is the default 2014-10-27 12:35:44 -03:00
MANIFEST.SKIP Bug 9546 : Updating make manifest tardist 2013-02-06 23:54:46 -05:00
README Bug 9440 - update Koha's LICENSE file from GPL2 to GPL3 2013-02-12 08:52:10 -05:00
README.robots Bug 6411 add another example to README.robots 2011-07-05 14:48:05 +12:00
rewrite-config.PL Bug 12031: [QA Follow-up] Undefined routine and change to koha-conf.xml 2014-10-27 10:38:11 -03:00

README 

Koha is a free software integrated library system.

Koha is distributed under the GNU GPL version 3 or later.
Please read the file LICENSE for more details.

To install or upgrade Koha, please see the INSTALL file appropriate
to your platform.

Report bugs at http://bugs.koha-community.org/

Visit the Koha Project website at http://www.koha-community.org/