====== Authentication ====== VuFind® offers several options for allowing users to log in and out of the system. By default, VuFind® will manage its own database of user accounts. This configuration can be changed to use a variety of external systems. ===== Supported Options ===== Currently, VuFind® supports the following options in the [Authentication] section of [[.files:config.ini]]. Basic Options: * AlmaDatabase - Use VuFind®'s built-in user database in combination with [[configuration:ils:alma|Alma]] * CAS - Use the Central Authentication Service * Database - Use VuFind®'s built-in user database * Facebook - Use Facebook's login mechanism (not recommended) * ILS - Use your integrated library system, through the [[development:plugins:ils_drivers|ILS driver]]. * LDAP - Use the Lightweight Directory Access Protocol * PasswordAccess - Require a single password (not username/password combination) for access (useful for simple password protection of entire instances) * [[shibboleth|Shibboleth]] - Use Shibboleth single sign-on * SIP2 - Use the SIP2 "Standard Interchange Protocol" Advanced Options: * ChoiceAuth - Allow the user to choose between several of the Basic Options. * Email - Allow the user to log in using a link in an email sent to the address associated with an existing account (best used with ChoiceAuth or certain ILSes). When using, you should run the "util expire_auth_hashes" [[administration:command_line_utilities|command line utility]] periodically to clean up expired hashes from the database. * MultiAuth - Attempt a serial chain of Basic Options without providing user choice (not all options supported). * MultiILS - Attempt a serial chain of ILS authentication configurations (for use in a consortial environment). It is always worth checking [[.files:config.ini]] for additional options, in case more have been added since the last update to this document. ===== Persistent Login ===== Beginning with release 10.0, you can optionally configure specific authentication methods to support persistent login, allowing the system to remember user logins for a fixed number of days. See the persistent_login setting (and associated comments) in [[.files:config.ini]] for more details.