https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23771
Bug ID: 23771
Summary: CAS/Shib Authentication can fail when multiple users
with no userid/cardnumber defined and one of them is
locked
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5 - low
Component: Authentication
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
When logging in via cas no userid is passed to checkpw, however, we still seek
out users with a null userid/cardnumber. If one of those users has a locked
account and it happens to be the one chosen, we won't continue to CAS/Shib
login (or LDAP, but LDAP shouldn't get a blank userid)
--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
