One use case to keep in mind is the possibility that different patron types might use different authentication methods. At MPOW (not running Evergreen), current faculty, staff, and students log in using their campus LDAP credentials, but guest borrowers and alumni log in using their barcode and last name.
- David On Wed, Jul 27, 2011 at 14:34, Jason Etheridge <[email protected]> wrote: > > That is certainly a related issue but is not directly covered by this > proposal. Initially I would expect this case to simply return a 'user not > found' type error. The authentication system will only answer the question > "Is this person who they say they are?". How the user account gets into the > system (whether periodically or 'on-the-fly') will need to covered > separately. > > So authentication versus authorization (I remember having to squint at > the definitions for those). > > -- > Jason Etheridge > | Equinox Software, Inc. / Your Library's Guide to Open Source > | phone: 1-877-OPEN-ILS (673-6457) > | email: [email protected] > | web: http://www.esilibrary.com >
