About Features Downloads Getting Started Documentation Events Support GitHub

Site Tools


configuration:user_privacy

User Privacy

By default, VuFind collects some user information in order to support user-facing features and to make the user experience more convenient. Configuration options are available to control exactly how much user data is stored.

Privacy Mode

If privacy is your first priority, you can turn on VuFind's privacy mode, controlled by the privacy setting in the [Authentication] section of config.ini. When this setting is turned on, no user data will be permanently stored, but user-oriented features like saved favorite lists and comments cannot be supported. See the comments in the configuration file for more details. :!: This feature was introduced in VuFind 3.0.

Right to Be Forgotten

Even if you do not turn on privacy mode, you can still allow users to remove their own accounts by turning on the account_deletion setting in the [Authentication] section of config.ini. :!: This feature was introduced in VuFind 5.0.

Controlling Storage of User Data

The data fields stored in VuFind's database vary depending on the authentication method specified in the [Authentication] section of config.ini. In some cases (such as CAS, LDAP and Shibboleth), additional configuration is used to map which fields are populated, and this can be used to greatly limit the amount of identifiable information found in VuFind's user table.

Password Security

VuFind supports the unencrypted storage of user credentials in the database. This is useful for backward compatibility when migrating from pre-2.0 versions of VuFind, but its use under any other circumstances is STRONGLY discouraged. When you set up VuFind using the web-based installation process, the “security” check will automatically set up password hashing and encryption for you.

When hashing and encryption is enabled, note that user passwords and ILS credentials are handled differently:

User Passwords

VuFind only stores password data when it is configured to use an internal authentication mechanism (i.e. its own database). In this case, passwords are stored as non-reversible hashes (unless the discouraged plain text configuration is enabled). When external authentication is used (e.g. LDAP, Shibboleth, etc.) no password information is stored by VuFind.

ILS Credentials

When an ILS (Integrated Library System) is integrated with VuFind, VuFind stores the user's ILS credentials in order to facilitate convenient access to ILS functionality without repeatedly prompting for a secondary login. Unless configured otherwise, these credentials are stored in an encrypted format in the database, and are only decrypted by VuFind on demand in order to access ILS functionality.

configuration/user_privacy.txt · Last modified: 2018/12/19 18:34 by demiankatz