[OPEN-ILS-DEV] Remote patron authentication
Galen Charlton
gmc at equinoxinitiative.org
Fri Apr 12 11:12:35 EDT 2019
Hi,
On Thu, Apr 11, 2019 at 4:20 PM Jeff Davis <jeff.davis at bc.libraries.coop>
wrote:
> On 2019-04-10 2:34 p.m., Galen Charlton wrote:
> "Don't allow Overdrive auth on my account" makes sense to the patron,
> but gets tricky if multiple vendors are using the same HTTP basic auth
> endpoint or something like that. I suppose we could add a nullable
> opt_out_usr_setting field to config.remoteauth_profile and let libraries
> sort out something that works for their implementation.
I think that's a reasonable approach, and I agree that patrons are much
more likely to think of opt-out in terms of specific services (or _all_
external service), but certainly not in terms of the endpoints.
> > Two changes I would suggest are:
> >
> > - tossing together an Angular admin interface for managing
> > config.remoteauth_profile
>
> I was leaving this for last, but I'll put something together. :)
Thanks!
> > - adding a user activity type for tracking authentication from the new
> > interface
>
> Right now all requests are using the "remoteauth" activity type. On
> reflection, you ought to be able to specify the activity type in the
> authentication profile, so I'll do that.
Thanks!
Regards,
Galen
--
Galen Charlton
Implementation and Services Manager
Equinox Open Library Initiative
phone: 1-877-OPEN-ILS (673-6457)
email: gmc at equinoxInitiative.org
web: https://equinoxInitiative.org
direct: +1 770-709-5581
cell: +1 404-984-4366
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://libmail.georgialibraries.org/pipermail/open-ils-dev/attachments/20190412/34e7fc63/attachment.html>
More information about the Open-ils-dev
mailing list