220 likes | 373 Views
UCL’s preparations for Shibboleth. Margaret Flett IT Services Development Officer UCL Library Services m.flett@ucl.ac.uk. UCL’s preparations for Shibboleth. Background - UCL Library Services From AthensDA to Shibboleth What to tell the users?. UCL Library Services.
E N D
UCL’s preparations for Shibboleth Margaret Flett IT Services Development Officer UCL Library Services m.flett@ucl.ac.uk
UCL’s preparations for Shibboleth • Background - UCL Library Services • From AthensDA to Shibboleth • What to tell the users?
UCL Library Services • Similar profile to LSE (user types and access requirements) • Broader range of disciplines, and hence resources • Moved from “classic” Athens to AthensDA during 2005/6 • Also use EZProxy for offsite access to (Athens and) non-Athens resources
AthensDA at UCL • HDD method (persistent cookie) • Single sign-on with EZProxy (ie simultaneous). • Same HTML login page whether users come via Athens or EZProxy
http://libproxy.ucl.ac.uk/login?url=http://aapgbulletin.datapages.com/http://libproxy.ucl.ac.uk/login?url=http://aapgbulletin.datapages.com/
AthensDA to Shibboleth • Install and test Shibboleth Identity Provider • Join the UK Access Management Federation • Register Shib Identity Provider with Athens (testing) • Test compliance of Athens resources with the Shib-Athens gateway • Plan strategy for non-compliant resources • Consider best access route for each resource (gateway / direct Shib / proxy / other) • Plan end-user information • Switch from AthensDA to Shib IdP
Shib-Athens gateway Shibboleth-authenticatedusers • Nearly all Athens resources are compliant. Exceptions listed on Athens website. For UCL, four resources, including LexisNexis (Executive/Professional) and Westlaw. • Otherwise, behaves just like AthensDA Athens-protectedresources Photo by paparutzi displayed on Flickr.com
https://auth.athensams.net/setsite.php?id=https://shib-idp.ucl.ac.uk/shibboleth&ath_dspid=ATHENS.MY&ath_returl=%2Fmy%2Fhttps://auth.athensams.net/setsite.php?id=https://shib-idp.ucl.ac.uk/shibboleth&ath_dspid=ATHENS.MY&ath_returl=%2Fmy%2F
User education • Access from Library-controlled links • Access from resources directly • Personalisation features
Library-controlled links • Mostly EZProxy* (IP authentication + proxying permitted) • Some Athens (gateway) • Some Shibboleth (eg Science Direct) • Other password • On-campus only (IP authentication, no proxying) *EZProxy itself will be Shibbolized
Documentation Instructions for: • Accessing a typical resource via library link • List of exceptions to the above • Accessing a typical resource via native interface (“Athens”) • Exceptions to the above (Shibboleth, eg Science Direct) Explanation for keen users about single sign-on, Shibboleth sessions, etc.
Personalisation features • Most Athens resources which offer alerts etc. require separate registration (username/password) • Exceptions include ScienceDirect, Zetoc, TRILT • Zetoc transfer works • Still waiting to test ScienceDirect personalisation features with direct Shibboleth.
Shibboleth in other Library resources UCL is also trying to implement Shibboleth login for as many different services as possible, to take advantage of single sign-on. • EZProxy - tested • MetaLib (and other Ex Libris products) - testing And other institutional resources, eg WebCT, Moodle.
Thank you – questions welcome m.flett@ucl.ac.uk