https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17776
--- Comment #33 from Nick Clemens <[email protected]> --- This patchset leaves the decision open to the user/IT staff outside of Koha. We can either enable shib with plack, or disable plack and use environment variables depending on their unique security needs. Additional spoof protection would be on the maintainer of the Koha server (via apache or other configuration) so is again outside of Koha. We should document that anyone enabling headers should read up on spoof protection. Finding a middleware solution might be a great future enhancement (or just make everyone use CAS :-) ), but I think this is a workable interim solution No blocker for me. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
