qw(shib_ok checkpw_shib logout_shib login_shib_url get_login_shib);
# Check for good config
- if ( shib_ok() ) {
-
- # Get shibboleth login attribute
- $shib_login = get_login_shib();
- }
-
- # Bad config, disable shibboleth
- else {
- $shib = 0;
- }
+ $shib = 0 unless shib_ok();
}
if ($cas) {
import C4::Auth_with_cas qw(check_api_auth_cas checkpw_cas login_cas logout_cas login_cas_url logout_if_required);
my $in = shift;
my ( $user, $cookie, $sessionID, $flags );
+ # Get shibboleth login attribute
+ $shib_login = get_login_shib() if $shib;
+
C4::Context->interface( $in->{type} );
$in->{'authnotrequired'} ||= 0;
sub checkauth {
my $query = shift;
$debug and warn "Checking Auth";
+
+ # Get shibboleth login attribute
+ $shib_login = get_login_shib() if $shib;
+
# $authnotrequired will be set for scripts which will run without authentication
my $authnotrequired = shift;
my $flagsrequired = shift;
use C4::Members::Messaging;
use Carp;
use CGI;
+use List::Util qw(any);
use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug);
my $config = _get_shib_config();
my $matchAttribute = $config->{mapping}->{ $config->{matchpoint} }->{is};
- $debug and warn $matchAttribute . " value: " . $ENV{$matchAttribute};
- return $ENV{$matchAttribute} || '';
+ if ( any { /(^psgi|^plack)/i } keys %ENV ) {
+ $debug and warn $matchAttribute . " value: " . $ENV{"HTTP_".uc($matchAttribute)};
+ return $ENV{"HTTP_".uc($matchAttribute)} || '';
+ } else {
+ $debug and warn $matchAttribute . " value: " . $ENV{$matchAttribute};
+ return $ENV{$matchAttribute} || '';
+ }
}
# Checks for password correctness
Tell apache that we wish to allow koha to authenticate via shibboleth.
-This is as simple as adding the below to your virtualhost config:
+This is as simple as adding the below to your virtualhost config (for CGI running):
+
+ <Location />
+ AuthType shibboleth
+ Require shibboleth
+ </Location>
+
+Or (for Plack running):
<Location />
AuthType shibboleth
Require shibboleth
+ ShibUseEnvironment Off
+ ShibUseHeaders On
</Location>
=item 5.