Table of Contents
Authentication
VuFind® offers several options for allowing users to log in and out of the system.
By default, VuFind® will manage its own database of user accounts. This configuration can be changed to use a variety of external systems.
Supported Options
Currently, VuFind® supports the following options in the [Authentication] section of config.ini.
Basic Options:
- AlmaDatabase - Use VuFind®'s built-in user database in combination with Alma
- CAS - Use the Central Authentication Service
- Database - Use VuFind®'s built-in user database
- Facebook - Use Facebook's login mechanism (not recommended)
- ILS - Use your integrated library system, through the ILS driver.
- LDAP - Use the Lightweight Directory Access Protocol
- PasswordAccess - Require a single password (not username/password combination) for access (useful for simple password protection of entire instances)
- Shibboleth - Use Shibboleth single sign-on
- SIP2 - Use the SIP2 “Standard Interchange Protocol”
Advanced Options:
- ChoiceAuth - Allow the user to choose between several of the Basic Options.
- Email - Allow the user to log in using a link in an email sent to the address associated with an existing account (best used with ChoiceAuth or certain ILSes). When using, you should run the “util expire_auth_hashes” command line utility periodically to clean up expired hashes from the database.
- MultiAuth - Attempt a serial chain of Basic Options without providing user choice (not all options supported).
- MultiILS - Attempt a serial chain of ILS authentication configurations (for use in a consortial environment).
Test-only Option:
- SimulatedSSO - Simulate a single sign-on environment for testing purposes. (Useful for developers; should not be used in a production environment).
It is always worth checking config.ini for additional options, in case more have been added since the last update to this document.
Persistent Login
Beginning with release 10.0, you can optionally configure specific authentication methods to support persistent login, allowing the system to remember user logins for a fixed number of days. See the persistent_login setting (and associated comments) in config.ini for more details.