Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/C4
History
Robin Sheat 519149a6c7 Bug 9165: Prevent LDAP passwords being stored locally 
This adds a configuration option to LDAP that prevents it from storing
user's passwords in the local database. This is useful when users of
hosted Koha wish to prevent any form of offsite password storage for
security reasons.

Notes:
 * if the option is not included in the koha-conf.xml file, then the
   current default behaviour of saving the password locally is retained.
 * this has no impact on passwords that are already in the database.
   They will not be erased.

To use:
 * edit the koha-conf.xml for a system that uses LDAP for
   authentication.
 * in the <ldapserver> configuration, add:
   <update_password>0</update_password>
 * feel a greater sense of security.

To test:
 1) have a Koha system that authenticates using LDAP.
 2) note that when a user logs in, their password is saved (hashed) in
    the database.
 2.5) it is important to note that, for whatever reason, a user's
      password is not stored on a login where their account is created,
      only when they log in after being created. Thus perhaps log in and
      log out a couple of times to be sure.
 3) add the <update_password>0</update_password> option to the
    <ldapserver> section of koha-conf.xml.
 4) login with a new user (or erase the password from the database for
    an existing user) and note that the password field is not populated.
 5) log out and log back in just to be sure, check the password field
    again.

Sponsored-By: National Institute of Water and Atmospheric Research (NIWA)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2014-11-27 14:57:49 -03:00
..
AuthoritiesMarc
Barcodes Bug 11539: removing 2 unused files 2014-01-14 20:55:28 +00:00
Bookseller Bug 10402 follow-up: choose contacts for claims 2014-08-26 11:45:59 -03:00
ClassSortRoutine Bug 8837: Dewey cn_sort inaccurate 2014-10-28 09:39:29 -03:00
Creators Bug 8375: (follow-up) adjust StrWidth to account for TTF fonts 2014-05-06 18:52:12 +00:00
External Bug 12041 - improve Koha::Cache 2014-06-19 13:05:04 -03:00
Form Bug 12100: ensure that messaging preferences displays saved Days in Advance 2014-04-28 21:35:18 +00:00
Heading Bug 10308 - local subjects can use authorities too 2014-09-01 10:45:07 -03:00
ILSDI Bug 13116 - Make it possible to propagate errors from C4::Reserves::CanItemBeReserved() to the web-templates. 2014-11-12 11:23:41 -03:00
Installer Bug 11401: Add support for Norwegian national library card 2014-11-14 09:42:23 -03:00
Labels Bug 12068 - label-create-pdf.pl Add support for RTL language 2014-10-21 16:14:57 -03:00
Linker Bug 11650: multiplicated authorities after link_bibs_to_authorities.pl 2014-07-07 12:40:25 -03:00
Members Bug 13194: Fix typo in SetMessagingPreferencesFromDefaults POD 2014-11-06 10:14:13 -03:00
OAI Bug 9295: Introduce operator equal/ notequal to OAI set mapping instead of hardcoded 'equal' value. 2013-10-10 23:03:30 +00:00
Output
Patroncards
Reports Bug 13141: Add ability for biblio_framework to be a dropdown in Guided Reports 2014-10-31 13:14:59 -03:00
Search Bug 10807: (follow-up) use 24-hour time when storing search times to session 2014-05-05 02:55:41 +00:00
Serials Bug 7688: (follow-up) update license statements 2013-10-30 02:56:32 +00:00
SIP Bug 12571 - Add ability to customize SIP2 screen messages 2014-10-28 09:26:47 -03:00
Utils Bug 12833: Patron search should search on extended attributes 2014-09-09 10:08:59 -03:00
VirtualShelves Bug 8521 - Error in warning message when deleting list 2014-08-05 20:44:28 -03:00
Accounts.pm Bug 12865 - 'Pay amount toward all fines' does not record payment note 2014-11-25 16:38:46 -03:00
Acquisition.pm Bug 7162; Factorize code for order cancellation (QA fixes) 2014-10-30 00:44:11 -03:00
Auth.pm Bug 13176 - Add links "My account" and "My checkouts" for logged in user to drop down in staff client header 2014-11-11 09:48:06 -03:00
Auth_cas_servers.yaml.orig
Auth_with_cas.pm Bug 12398: Fix CAS authentication validation 2014-08-01 10:13:49 -03:00
Auth_with_ldap.pm Bug 9165: Prevent LDAP passwords being stored locally 2014-11-27 14:57:49 -03:00
Auth_with_shibboleth.pm BUG8446, QA Followup: Use DBIx::Class 2014-10-16 12:28:01 -03:00
AuthoritiesMarc.pm Bug 12654 Correct incorrectly quoted regexp 2014-07-30 11:06:27 -03:00
BackgroundJob.pm
Barcodes.pm
Biblio.pm Bug 12995 - script update_totalissues.pl stops on corrupted record 2014-10-31 14:14:24 -03:00
Bookseller.pm Bug 10402 follow-up: choose contacts for claims 2014-08-26 11:45:59 -03:00
Boolean.pm
Branch.pm Bug 9350: Making changes so that you can add the new fields to branches 2014-10-27 10:38:16 -03:00
Breeding.pm Bug 12898 - Z39.50 title search doesn't work with multiple words 2014-09-14 02:02:51 -03:00
Budgets.pm Bug 11714 - GetBudgetHierarchy needs optimization 2014-10-31 16:41:46 -03:00
Calendar.pm
Category.pm
Charset.pm Bug 13075: Silence warnings and improve Charset testing. 2014-11-14 09:35:44 -03:00
Circulation.pm Bug 13297 - Shelving location PROC does not work according to manual 2014-11-23 10:11:28 -03:00
ClassSortRoutine.pm Bug 12424 - ddc sorting of call numbers truncates long Cutter parts 2014-10-18 10:50:07 -03:00
ClassSource.pm
Context.pm Bug 12651: DOM indexing is the default 2014-10-27 12:35:44 -03:00
Contract.pm Bug 12487 [QA Followup] - GetContract must return undef with no params 2014-07-30 10:44:45 -03:00
CourseReserves.pm
Creators.pm
Csv.pm Bug 10853: All existing routing to get a CSV should return a MARC csv 2013-10-11 02:16:33 +00:00
Dates.pm
Debug.pm
Heading.pm
HoldsQueue.pm Bug 11258: fix another case where holds queue made transfer requests that contradict the library holds policy 2014-04-18 15:23:23 +00:00
HTML5Media.pm
Images.pm
ImportBatch.pm Bug 11876: (qa-followup) some minor changes 2014-10-31 14:25:13 -03:00
ImportExportFramework.pm Bug 11666: remove SQL as an option for MARC framework exports and imports 2014-02-05 19:48:27 +00:00
Input.pm Bug 766: remove disused routine buildCGISort 2014-05-04 23:03:24 +00:00
InstallAuth.pm Bug 11349: Remove unnecesary name translation 2014-07-17 11:05:58 -03:00
Installer.pm Bug 11593 - subtag_registry.sql files contain the same information for each language 2014-10-28 10:49:02 -03:00
ItemCirculationAlertPreference.pm
Items.pm Bug 13332: Fix conflict between 5304 and 10860 2014-11-26 11:25:04 -03:00
ItemType.pm
Koha.pm Bug 13157: (QA followup) homebranch is 995$b on UNIMARC frameworks 2014-11-25 15:27:12 -03:00
Labels.pm
Languages.pm Bug 12534 - PROG/CCSR deprecation: Make getlanguages() theme independent for opac 2014-07-14 09:01:08 -03:00
Letters.pm Bug 13215: Fix GetLetterTemplates should return default templates if branchcode is not defined 2014-11-27 11:42:26 -03:00
Linker.pm Bug 11650: multiplicated authorities after link_bibs_to_authorities.pl 2014-07-07 12:40:25 -03:00
Log.pm Bug 11331 - CSV export for viewlog.pl is missing newlines 2014-08-05 20:23:26 -03:00
MarcModificationTemplates.pm Bug 11413: Fix field_numbers 2014-11-14 12:05:47 -03:00
Matcher.pm Bug 10500: (follow-up) disable AggressiveMatchOnISBN if UseQueryParser is on 2014-05-05 19:31:00 +00:00
Members.pm Bug 11401: QA followup 2014-11-14 09:42:45 -03:00
Message.pm
NewsChannels.pm Bug 12507 - News does not always display in staff or OPAC 2014-08-24 12:37:06 -03:00
Output.pm Bug 12844: Remove the C4::Output::FormatNumber subroutine 2014-10-27 12:56:19 -03:00
Overdues.pm Bug 13018 : Static fine should be charged only once 2014-11-11 09:44:01 -03:00
Patroncards.pm
Print.pm Bug 6679 - [SIGNED-OFF] fix 2 perlcritic violations in C4/Print.pm 2012-09-20 12:17:43 +02:00
Ratings.pm Bug 12609: Add some unit tests for C4::Ratings 2014-09-17 22:08:57 -03:00
Record.pm Bug 13190: Reintroduce the checkouts export feature 2014-11-06 10:00:30 -03:00
Reports.pm Bug 12696: Remove CGI::scrolling_list from C4/Reports.pm 2014-08-15 14:44:50 -03:00
Reserves.pm Bug 13152 - Duplicate phone hold notices when using Talking Tech 2014-11-25 17:33:56 -03:00
Review.pm Bug 7941 : Fix version numbers in modules 2012-06-11 17:29:38 +02:00
Ris.pm Bug 11066: make RIS and Bibtex exports RDA compatible 2014-01-03 15:54:38 +00:00
RotatingCollections.pm Bug 8836 [QA Followup] - Prevent multiple collections from having the same title 2014-11-06 15:12:20 -03:00
Scheduler.pm
Scrubber.pm
Search.pm Revert "Bug 9828: More specific indexing of UNIMARC 6XX fields" 2014-10-28 12:02:34 -03:00
Serials.pm Bug 5342: Serial claiming improvements: add a counter 2014-10-28 10:07:37 -03:00
Service.pm
ShelfBrowser.pm
SMS.pm Bug 3186 [QA Followup] - Don't return undef, just return 2014-10-30 01:23:12 -03:00
SocialData.pm bug 7470 follow-up, fix POD doc 2012-03-26 17:53:28 +02:00
SQLHelper.pm Bug 11425: Get column names using DBIX 2014-11-04 19:10:28 -03:00
Stats.pm Bug 10860 - Change "in-house use" to "on-site checkout" 2014-11-03 10:26:22 -03:00
Suggestions.pm Bug 12627: Fix default values 2014-11-07 15:17:10 -03:00
Tags.pm Bug 12916 - Use of uninitialized values $max and $min in C4/Tags.pm 2014-10-30 00:31:36 -03:00
Templates.pm Bug 13053 - Do not use template cache when from commandline 2014-11-21 20:56:05 -03:00
TmplToken.pm Bug 12131: Remove unused dependency on Exporter 2014-04-25 15:24:39 +00:00
TmplTokenType.pm Revert "Bug 6679 - [SIGNED-OFF] fix 9 perlcritic violations in C4/TmplTokenType.pm" 2012-09-20 13:29:59 +02:00
TTParser.pm Bug 12207: fix TTparser's handling of TT directives that contain "]" 2014-05-23 15:23:20 +00:00
UploadedFile.pm
UsageStats.pm Bug 11926: Follow-up - remove SearchEngine pref / fix POD 2014-10-22 15:17:14 -03:00
VirtualShelves.pm Bug 8262: explicitly warn that database admin account cannot create lists 2014-04-20 22:55:22 +00:00
XISBN.pm Bug 11096: support the retrieval of large MARCXML records 2014-02-28 19:50:09 +00:00
XSLT.pm Bug 12655 [Revised] PROG/CCSR deprecation: Correct hard-coded opac-tmpl/prog path in XSLT 2014-10-30 09:35:12 +13:00