https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=40705
Bug ID: 40705
Summary: Password expiry date blocks SSO authentication
Change sponsored?: ---
Product: Koha
Version: 24.05
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
Iam only able to test on our Koha, which is not a "vanilla" environment, so I
don't know if it's only us o not.
We've added an identity provider to be able to login with Microsoft on the
OPAC. And to "force" people to use that login method instead of the manual one,
we added an expiry date on everybody's password in Koha. The idea was that,
with their password expired, the patrons would need to use the Microsoft auth.
But the issue is, when the password is expired in Koha, the Microsoft
authentication doesn't work. We are redirected to the Microsoft login page, but
then when we are returned in Koha, we have the expired password alert.
We are able to connect to the OPAC using Microsoft only after deleting the
password expiry date or renewing the password from the staff interface or the
OPAC. So it seems like the password expiry date applies to the entire ability
to connect to the OPAC and not just on the password provided by Koha...
To test :
1. Add an identity provider with OIDC protocol.
2. Make sure both the Microsoft authentication and the manual one work as it
should.
3. Add a password expiry date to the current date or before.
4. Try either one of the authentication method, you will receive the alert
about the password being expired.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
