
Integration Primo-Aleph-PDS-SSO-AAI

Wolfgang Lierz, Staff IT-Services / Network & Security Admin, ETH-Bibliothek Zurich. Integration of Aleph/Primo with PDS into larger Shibboleth/SSO environments.


Presentation Transcript


  1. Integration Primo-Aleph-PDS-SSO-AAI • Wolfgang Lierz • Staff IT-Services / Network & Security Admin • ETH-Bibliothek Zurich • Integration of Aleph/Primo with PDS into larger Shibboleth/SSO environments • Wolfgang Lierz / IGeLU 2012 Zurich

  2. Why Single Sign-On anyway? • We have alternatives: • Post-It around display • Post-It below keyboard • Browser password store • KeePass password store • Cloud password store • Facebook login

  3. Authentication and Authorization Infrastructure • Without AAI-SSO • With AAI-SSO • 1999-2000 First ideas and workshop • 2001-2003 Project study and pilot • 2004-2005 Implementation

  4. AAI in Switzerland

  5. Authentication with nethz • ETH Zurich members «nethz» database HR / Students Administration «nethz-login» LDAP RADIUS AAI (Shibboleth) Active Directory Authentication «Who am I» Authorization «What may I do» e-pics Windows Exchange Sharepoint e-collection. Proxy SMS WLAN eduroam VPN «Same Sign On» «Single Sign On»

  6. Aleph in Switzerland • Ex Libris Aleph v20 (only NEBIS with PDS) • 5 Systems • Shared User File (SUF) • 700000 accounts • Integration UZH into NEBIS 2013 (INUIT) • 200000 accounts • 200 libraries

  7. AAI-SSO for ETHZ staff and students • Goals within current NEBIS/Aleph operation: • eliminate separate individual user registration / activation process at library • enable nethz-userid for ETHZ staff and students • use nethz-attributes of ALL staff and students by Aleph and discontinue separate user management

  8. Aleph with nethz / PLIF • Alternatives A2+A3 unfortunately impossible with Aleph • SAP nightly A3 AAI A2 Batch / Copy on request nethz User / Copy at Login PDS (login) Shibboleth UniqueID as additional Aleph ID #20 Aleph (Application) PLIF nethz (at least daily) Indices A4 Aleph (Database) Batch / triggered by changes

  9. 2012: AAI-SSO for ETH members • Intermediate (PDS) Login page from September 2012 • Authentication via «native» Aleph login (may disappear 2013) • Authentication via «nethz-login» (AAI-SSO) (more selections 2013) • Embedded WAYF

  10. 2013: AAI-SSO for private customers • PIN-VHO E-Lending Primo FE 1...4 e-shelf AAI IDP (at ETHZ) aai-login.ethz.ch WAYF PDS (login) with Shibboleth (via nethz) NEBIS/Aleph EAD00 AAI IDP (operated by Switch) aai-login.libraries.ch future other AAI IDPs (SSL connection) INUIT EAD50 ZAD50 UZH50 NEBIS Form for registration Indices (Aleph) Private customers DB - Attributes from Aleph - Passwords only here (New) registration register.libraries.ch Aleph (Oracle DB) Initial Password Re(set) password password.libraries.ch Private customers New separate Private Customers IDP (at ETHZ)

  11. Future: ID management outside Ex Libris • AAI IDP (at ETHZ) aai-login.ethz.ch E-Lending and others WAYF (via nethz) Primo FE 1...4 e-shelf AAI IDP (operated by Switch) aai-login.libraries.ch other AAI IDPs PDS as a separate service WITH attribute retrieval Private customers DB - Attributes now HERE - Passwords only here (New) registration register.libraries.ch Alma ? Re(set) password password.libraries.ch Swiss-wide Private Customers IDP Interface to external Identity Management

  12. Further reading • For much more detail, see our report • Single Sign On für e-lib.ch und sein Webportal (in German, 2012, 61 p.) • e-collection.library.ethz.ch/view/eth:5453

  13. Credits • Thanks to: • SSO project team of ETH-Bibliothek • ITS IT-Services of ETH-Bibliothek • ICT services of ETH Zurich • SWITCH AAI team • ELCA Informatik AG, Zürich

  14. Questions? • Thank you! • wolfgang.lierz@library.ethz.ch • SFX with PDS-SSO-AAI?

  15. Demo • http://www.switch.ch/aai/demo/
