Transcript UCL’s preparations for Shibboleth
UCL LIBRARY SERVICES
UCL’s preparations for Shibboleth
Margaret Flett
IT Services Development Officer UCL Library Services
UCL LIBRARY SERVICES
UCL’s preparations for Shibboleth
Background - UCL Library Services From AthensDA to Shibboleth What to tell the users?
UCL LIBRARY SERVICES
UCL Library Services
Similar profile to LSE (user types and access requirements) Broader range of disciplines, and hence resources Moved from “classic” Athens to AthensDA during 2005/6 Also use EZProxy for offsite access to (Athens and) non-Athens resources
UCL LIBRARY SERVICES
AthensDA at UCL
HDD method (persistent cookie) Single sign-on with EZProxy (ie simultaneous).
Same HTML login page whether users come via Athens or EZProxy
UCL LIBRARY SERVICES
UCL LIBRARY SERVICES
UCL LIBRARY SERVICES
UCL LIBRARY SERVICES
http:// libproxy.ucl.ac.uk/login?
url=http://aapgbulletin.datapages.com/
UCL LIBRARY SERVICES
UCL LIBRARY SERVICES
AthensDA to Shibboleth
Install and test Shibboleth Identity Provider Join the UK Access Management Federation Register Shib Identity Provider with Athens (testing) Test compliance of Athens resources with the Shib-Athens gateway Plan strategy for non-compliant resources Consider best access route for each resource (gateway / direct Shib / proxy / other) Plan end-user information Switch from AthensDA to Shib IdP
UCL LIBRARY SERVICES
UCL LIBRARY SERVICES
UCL LIBRARY SERVICES
Shib-Athens gateway
Shibboleth authenticated users Athens-protected resources Nearly all Athens resources are compliant. Exceptions listed on Athens website. For UCL, four resources, including
LexisNexis
(Executive/Professional) and
Westlaw
.
Otherwise, behaves just like AthensDA
Photo by paparutzi displayed on Flickr.com
UCL LIBRARY SERVICES
https://auth.athensams.net/setsite.php?
id=https://shib-idp.ucl.ac.uk/shibboleth & ath_dspid=ATHENS.MY&ath_returl=%2Fmy%2F
UCL LIBRARY SERVICES
UCL LIBRARY SERVICES
UCL LIBRARY SERVICES
User education
Access from Library-controlled links Access from resources directly Personalisation features
UCL LIBRARY SERVICES
Library-controlled links
Mostly EZProxy* (IP authentication + proxying permitted) Some Athens (gateway) Some Shibboleth (eg Science Direct) Other password On-campus only (IP authentication, no proxying) *EZProxy itself will be Shibbolized
UCL LIBRARY SERVICES
Documentation
Instructions for: Accessing a typical resource via library link List of exceptions to the above Accessing a typical resource via native interface (“Athens”) Exceptions to the above (Shibboleth, eg Science Direct) Explanation for keen users about single sign-on, Shibboleth sessions, etc.
UCL LIBRARY SERVICES
Personalisation features
Most Athens resources which offer alerts etc. require separate registration (username/password) Exceptions include ScienceDirect, Zetoc, TRILT Zetoc transfer works Still waiting to test ScienceDirect personalisation features with direct Shibboleth.
UCL LIBRARY SERVICES
Shibboleth in other Library resources
UCL is also trying to implement Shibboleth login for as many different services as possible, to take advantage of single sign-on.
EZProxy - tested MetaLib (and other Ex Libris products) - testing And other institutional resources, eg WebCT, Moodle.
UCL LIBRARY SERVICES