Main Koha release repository
https://koha-community.org
519149a6c7
This adds a configuration option to LDAP that prevents it from storing user's passwords in the local database. This is useful when users of hosted Koha wish to prevent any form of offsite password storage for security reasons. Notes: * if the option is not included in the koha-conf.xml file, then the current default behaviour of saving the password locally is retained. * this has no impact on passwords that are already in the database. They will not be erased. To use: * edit the koha-conf.xml for a system that uses LDAP for authentication. * in the <ldapserver> configuration, add: <update_password>0</update_password> * feel a greater sense of security. To test: 1) have a Koha system that authenticates using LDAP. 2) note that when a user logs in, their password is saved (hashed) in the database. 2.5) it is important to note that, for whatever reason, a user's password is not stored on a login where their account is created, only when they log in after being created. Thus perhaps log in and log out a couple of times to be sure. 3) add the <update_password>0</update_password> option to the <ldapserver> section of koha-conf.xml. 4) login with a new user (or erase the password from the database for an existing user) and note that the password field is not populated. 5) log out and log back in just to be sure, check the password field again. Sponsored-By: National Institute of Water and Atmospheric Research (NIWA) Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> |
||
---|---|---|
acqui | ||
admin | ||
authorities | ||
basket | ||
C4 | ||
catalogue | ||
cataloguing | ||
circ | ||
course_reserves | ||
debian | ||
docs | ||
errors | ||
etc | ||
install_misc | ||
installer | ||
Koha | ||
koha-tmpl | ||
labels | ||
members | ||
misc | ||
offline_circ | ||
opac | ||
OpenILS | ||
patron_lists | ||
patroncards | ||
plugins | ||
reports | ||
reserve | ||
reviews | ||
rotating_collections | ||
selenium | ||
serials | ||
services | ||
skel | ||
sms | ||
suggestion | ||
svc | ||
t | ||
tags | ||
test | ||
tmp/modified_authorities | ||
tools | ||
virtualshelves | ||
xt | ||
.editorconfig | ||
.htaccess | ||
.mailmap | ||
about.pl | ||
changelanguage.pl | ||
edithelp.pl | ||
fix-perl-path.PL | ||
help.pl | ||
INSTALL | ||
install-CPAN.pl | ||
INSTALL.debian | ||
INSTALL.fedora7 | ||
INSTALL.opensuse | ||
INSTALL.ubuntu | ||
koha_perl_deps.pl | ||
kohaversion.pl | ||
LICENSE | ||
mainpage.pl | ||
Makefile.PL | ||
MANIFEST.SKIP | ||
README | ||
README.robots | ||
rewrite-config.PL |
Koha is a free software integrated library system. Koha is distributed under the GNU GPL version 3 or later. Please read the file LICENSE for more details. To install or upgrade Koha, please see the INSTALL file appropriate to your platform. Report bugs at http://bugs.koha-community.org/ Visit the Koha Project website at http://www.koha-community.org/