From: Galen Charlton Date: Fri, 6 Sep 2019 21:17:14 +0000 (-0400) Subject: LP#1817645: add release notes X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=46c8e3a876bdf34222429dc9d98954ff84ef20c1;p=evergreen%2Fpines.git LP#1817645: add release notes These are taken from the introduction of the technical reference docs written by Jeff Davis. Signed-off-by: Galen Charlton --- diff --git a/docs/RELEASE_NOTES_NEXT/Architecture/remoteauth.adoc b/docs/RELEASE_NOTES_NEXT/Architecture/remoteauth.adoc new file mode 100644 index 0000000000..d86cba3f95 --- /dev/null +++ b/docs/RELEASE_NOTES_NEXT/Architecture/remoteauth.adoc @@ -0,0 +1,18 @@ +Configurable APIs for Patron Authentication and Retrieval +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +Many external services need to authenticate patrons and retrieve information +about their accounts from Evergreen. Most of these services support some form +of HTTP-based authentication, but every service has its own requirements and +none of them support native Evergreen authentication. Meanwhile, libraries +often need to restrict access to these external services based on patron type, +current status, standing penalties, and so on. + +To meet these needs, Evergreen now has support for separate, configurable HTTP +API endpoints for remote patron authentication and retrieval. Each RemoteAuth +endpoint handles a different external service or authentication method. You +set up the endpoints you want in your Apache config; each one uses a generic +mod_perl handler to manage incoming requests, and specifies a Perl module that +can actually talk to the external service, as well as an authentication profile +that determines which patrons can be authenticated at this endpoint. Support +for https://tools.ietf.org/html/rfc7617["Basic" HTTP Authentication] is +provided as a reference implementation.