280 likes | 434 Views
Online Library Remote Access Through Proxy Server. Student: Paruyr Hovakimyan Supervisor: Albert Minasyan Referee: Aram Hajian. Abstract.
E N D
Online Library Remote Access Through Proxy Server Student: Paruyr Hovakimyan Supervisor: Albert Minasyan Referee: Aram Hajian
Abstract • The purpose of “Online Library Remote Access through Proxy Server” project is to build the web application which will allow to login into the application with given username and password and access online repositories with IP restrictions. • This project was initiated by American University of Armenia in order to let the students and faculty members to use library materials from abroad of campus.
Table of Content • Introduction • Problem description and research • Detailed description of the problem • Research • Implementation • Components • Security • Conclusion • Suggestions for Future Work • References
Introduction IP Cont rol AUA E-References ACM AGORA EBSCO Allowed User in AUA Rejected 2 User abroad AUA Authentication AUA Proxy Server ACM EBSCO AGORA
Problem description and research • Detailed description of the problem • Requirements • Research • Solutions
Detailed description of the problem Consider following situations • Scenario 1 • medical-school professor takes up a practice in a university-affiliated clinic needs to access BioMed web site • Scenario 2 • During vacation professor wants to do research and needs to access Oxford English Dictionary • Scenario 3 • Number of students wants to access library online materials from home
AUA prescribed the problem (Requirements) AUA stated following requirements • To have the system which will give the access to bought virtual libraries from anywhere to all students and faculty • The system will work on existing Sun Fireware hardware with Solaris 10 operating system installed on it • There should not be any client-side installation or setup to work with the system • The system should be less expensive and use well known technologies to simplify further development and management
Research • Possible solutions to the problem • VPN Access • Proxy Servers • Pass-Through Proxy Servers
Why Pass-Through Proxy Strategy • No client side configuration • Easy to manage • Needs less human resources to maintain • Easy to integrate new services • Easy to use
Pass-Through Proxy Strategy Implementations Most known pass-through proxy strategy implementations • EZProxy • LibProxy
EZProxy • Commercial product • Proxy Server with URL rewriting tool • With own user and host database • With own authentication mechanism • Possibility to integrate with Java • Possible to setup in known operating systems(Windows, Unix, Solaris, etc.)
LibProxy • Free open source product • Possible to integrate with MySQL database and LDAP server • Configurable to work on port base and host base strategy (http://avsl.aua.am:2050, http://2050.avsl.aua.am ) • Possible to setup on limited operating servers (Unix, Solaris) • Needs Apache server with perl module
Decision (EZProxy) Comparing two products EZProxy was chosen because: • Unlike EZProxy which is simple to install, LibProxy require a lot of preinstalled packages to be in OS • EZProxy has very good installation and usage guides • Since EZProxy is commercial product it has good maintenance and support • There are number of publications that advice EZProxy to use as one of the stabile pass-through proxy server • EZProxy works as stand alone application
Components • Application • E-science-library (which during setup in AUA was named Armenian Virtual Science Library(AVSL)) • DataBase • MySQL • Authentication • Open LDAP Server • Web/EJB container • Sun Java System Application Server
Forwarding mechanism • EZCGIServlet String forwardUrl = ezproxyUrl + "/login?user=“ + URLEncoder.encode(user, "UTF-8“) + "&ticket=“+URLEncoder.encode(getKeyedDigest(ezproxyKey + user + timestamp)+ timestamp, "UTF-8") + "&qurl=" + URLEncoder.encode(url, "UTF-8");
Security • Only users with valid session access the EZCGIServlet • http://avsl.aua.am/AVSL /ezcgi?user=username&url=http://www.bl.uk • Double checking • ECGI Servlet sends a ticket to EZProxy with MD5. • EZProxy receives the ticket (the user name, time stamp) it recalculates the message digest and compare it with the ticket. • Request is valid only if the two are identical
Conclusion • Possibility to purchase the expensive licenses and provide them freely to the students, faculty • AVSL uses Directory Server for authenticating users • Which make administration easier • The System uses strong security mechanism to check and give appropriate role to logged in user • AVSL System uses EZProxy server for accessing the publishers’ resources • No need for clients to do any configuration
Suggestions for Future Work • Full integration with EZProxy • The ability to synchronize needed virtual hosts between System and EZProxy hosts list • The ability to synchronize users between LDAP System and EZProxy users list • Add different services, such as enhanced searching capabilities, digital library control systems, etc. into AVSL platform.
References • [1] Jalal B Raouf, “Design of Iraqi Virtual Science Library”, 2007. • URL: http://e-science-library.dev.java.net • [2] AlbamaSuperComputer Authority, “Alabama Virtual Library • (AVL)”, 2000. URL: http://www.avl.lib.al.us/about/index.html • [3] URL: http://www.who.int/hinari/about/en/ • [4] URL: http://www.aginternetwork.org/en/about.php • [5] URL: http://portal.acm.org • [6] URL: https://www.ivsl.org • [7] By Jayson Falkner (et. al.), “Servlets and JavaServer Pages™: The J2EE™ Technology Web Tier”, Addison Wesley, United State of America, September 19, 2003. • [8] By Bruce W. Perry, “Java Servlet & JSP Cookbook”, O'Reilly Media Inc., United States of America, January 2004. [10] NetBeans(IDE) help contents.