Main Koha release repository
https://koha-community.org
c8a18f5eef
Bug 10029 tries to fix the use of URL parameters in CAS authentication. But is does not work. The full URL must be used in all methods of C4::Auth_with_cas. Also, in checkpw_cas(), the 'ticket' parameter must be removed to find the original URL. This patch removes the 'ticket' parameter from query before calling checkpw_cas() since the ticket is passed as method arguemnt. In C4::Auth_with_cas, many methods use the same code to get the CAS handler and the service URI. This patch adds a private method _get_cas_and_service() to do the job. Test plan: - Enable CAS - Go to opac without been logged-in - Try to place hold on a record => You get to /cgi-bin/koha/opac-reserve.pl?biblionumber=XXX showing authentication page => Check that CAS link contains query param "biblionumber" - Click on CAS link and log in => Check you return well logged-in to reserve page with biblionumber param - Check CAS loggout - Check Proxy CAS auth Signed-off-by: Koha team AMU <koha.aixmarseille@gmail.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Passes all tests in t, xt, and t/db_dependent/Auth.t. Also passes QA script. As I have no working CAS server, I focused on regression testing: Activated Persona and casAuthentication. - Verified normal login against database still works. - Verified Persona login works. Note: With Persona you are always forwarded to the patron account - so you have to search for the record again before you can place a hold. - Verified that the CAS URL contains the biblionumber when logging in while placing a hold. Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Retested 2014-04-12 Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com> |
||
|---|---|---|
| acqui | ||
| admin | ||
| authorities | ||
| basket | ||
| C4 | ||
| catalogue | ||
| cataloguing | ||
| circ | ||
| course_reserves | ||
| debian | ||
| docs | ||
| errors | ||
| etc | ||
| install_misc | ||
| installer | ||
| Koha | ||
| koha-tmpl | ||
| labels | ||
| members | ||
| misc | ||
| offline_circ | ||
| opac | ||
| OpenILS | ||
| patron_lists | ||
| patroncards | ||
| plugins | ||
| reports | ||
| reserve | ||
| reviews | ||
| rotating_collections | ||
| selenium | ||
| serials | ||
| services | ||
| skel | ||
| sms | ||
| suggestion | ||
| svc | ||
| t | ||
| tags | ||
| test | ||
| tmp/modified_authorities | ||
| tools | ||
| virtualshelves | ||
| xt | ||
| .htaccess | ||
| .mailmap | ||
| about.pl | ||
| changelanguage.pl | ||
| edithelp.pl | ||
| fix-perl-path.PL | ||
| help.pl | ||
| INSTALL | ||
| install-CPAN.pl | ||
| INSTALL.debian | ||
| INSTALL.fedora7 | ||
| INSTALL.opensuse | ||
| INSTALL.ubuntu | ||
| koha_perl_deps.pl | ||
| kohaversion.pl | ||
| LICENSE | ||
| mainpage.pl | ||
| Makefile.PL | ||
| MANIFEST.SKIP | ||
| README | ||
| README.robots | ||
| rewrite-config.PL | ||
Koha is a free software integrated library system. Koha is distributed under the GNU GPL version 3 or later. Please read the file LICENSE for more details. To install or upgrade Koha, please see the INSTALL file appropriate to your platform. Report bugs at http://bugs.koha-community.org/ Visit the Koha Project website at http://www.koha-community.org/