1 / 11

Shibboleth for Real

Shibboleth for Real. Oren Beit-Arie Ex Libris Group CNI Spring 2006 Task Force Meeting April 3-4, 2006 – Arlington, VA. Shibboleth and Ex Libris – Past Work. Project Goals Establish SFX as a Shibboleth target (Service Provider) Main motivation: enable role-based features

halen
Download Presentation

Shibboleth for Real

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Shibboleth for Real Oren Beit-Arie Ex Libris Group CNI Spring 2006 Task Force Meeting April 3-4, 2006 – Arlington, VA

  2. Shibboleth and Ex Libris – Past Work • Project Goals • Establish SFX as a Shibboleth target (Service Provider) • Main motivation: enable role-based features • Started discussions with the Internet2/Shibboleth group in Summer 2001 • Integrated SFX as a Shibboleth Target (0.9…) as part of Pilot/Alpha Testing in 2002 • Rolled out test system to 2 Pilot sites • Conclusion - too early to assess the value of such an integration • Early stage of Shibboleth development • No real Shibboleth adoption in libraries • Not enough biz case: role-based entitlements in SFX weren’t a priority

  3. Shibboleth and Ex Libris – Current Work • Goals: • Focus on local library system’s integration with Shib • Specific interest in consortia (including hybrid shib/non-shib) • Method: • ‘Shibbolize’ the Patron Directory Services (PDS) module

  4. Patron Directory Services (PDS) Module Aleph Authentication AuthN sys Credentials/ID MetaLib Authentication PDS DigiTool Authentication User File Other Applications Other Authentication Systems ID/Attributes

  5. Shibboleth PDS – Authentication hub to Shibboleth AuthN sys Credentials/ID PDS User File Other Applications ID/Attributes

  6. Shibboleth and Ex Libris – Current Work • Began working with several MetaLib customers Summer 2005 • PDS serves dual roles as the Shibboleth Service Providerand, in consortia, as theShibboleth WAYF • SSO fully or partially implemented to suit institutional MetaLib workflow • Results – successful implementations at three MetaLib sites • Some good input on future direction… • Help identify pre-requisites

  7. Current Integration Projects • University System of Maryland (USMAI) successfully implemented MetaLib/Shibboleth integration in a test environment • National Library of Finland (FinELib) upgraded existing MetaLib/Shibboleth integration • As of late-February 2006, six FinELib institutions are live with with a seventh institution nearly complete • University of Newcastle upon Tyne completed beta testing MetaLib/Shibboleth integration • Included an automatic sign-in (SSO)

  8. Lessons Learned • PDS/MetaLib implementations vary – requires flexibility to accommodate customer’s unique requirements • Shibboleth/PDS/MetaLib integration approaches also vary to accommodate the authentication/authorization workflow of each customer’s unique environment… • Customers must have a good technical understanding of Shibboleth, PDS/MetaLib • Recent projects enabled Ex Libris to identify customer prerequisites for successful PDS/Shibboleth integration with MetaLib

  9. Next Steps • Gradually roll out Shibboleth support for MetaLib – general release TBD • Continue working with customers interested in ‘Shibbolizing’ PDS for MetaLib authentication • Interested customers must complete integration prerequisites • Continue documenting guidelines and best practices for successful Shibboleth/PDS/Ex Libris product integration

  10. Open Issues • Policies/Guidelines • Is there a need for better support or consultancy mechanisms to support large-scale implementation? • Federations: InCommon, HAKA - what about the rest of the world? • Functions/scenarios • Sign-off (Shib v.2?) • How to accommodate multiple roles of users? • Development: • Shib & Metasearch - API/Web services (v.2?) • Be able to release OpenURL’s baseURL attribute

  11. Shibboleth for real Oren Beit-Arie oren@exlibris-usa.com

More Related