LP#1526558: make it optional to use AuthProxy for SIP client login

You may wish to use an authentication proxy for SIP patron
authentication, but generally the SIP client login will be known only to
Evergreen, not to the central authentication system.  This commit avoids
using the authentication proxy for client login unless the new SIP
"use_proxy_for_client_login" option is set to "true".

Signed-off-by: Jeff Davis <jeff.davis@bc.libraries.coop>
Signed-off-by: Bill Erickson <berickxx@gmail.com>

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/SIP.pm b/Open-ILS/src/perlmods/lib/OpenILS/SIP.pm
index 1121bb4..7e82366 100644 (file)
--- a/Open-ILS/src/perlmods/lib/OpenILS/SIP.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/SIP.pm
@@ -196,6 +196,8 @@ sub login {
         return $self->{authtoken} if ($self->fetch_session); # fetch the session
     }
 
+    my $use_proxy_for_client_login = $self->get_option_value('use_proxy_for_client_login') || 'false';
+
     my $auth_proxy_enabled = 0;
     eval {
         $auth_proxy_enabled = $U->simplereq(
@@ -205,7 +207,7 @@ sub login {
     };
 
     my $response;
-    if ($auth_proxy_enabled) {
+    if ($auth_proxy_enabled && $use_proxy_for_client_login =~ /true/i) {
         $response = $U->simplereq(
             'open-ils.auth_proxy',
             'open-ils.auth_proxy.login',