Why are HEAnet in this space?
  –   Collaborative, shared and cloud services
  –   IP address access control and IPv6
  –   Synergy with eduroam (single credential, eduGAIN)
  –   NREN fulfils the role of federation operator
Terminology
Single Log On
    • single point of authentication
    • synchronised account and credentials (the same password copied to every application)
    • the user still authenticates to each application
Single Sign On (SSO)
    • single point of authentication
    • single credential, single account
    • authenticate once; each application trusts that authentication
Edugate
   Identity Provider
      • Authenticates the user and provides user data
      • Releases personal data, non-personal data or none, depending on the service

Service Provider
      • Authorises access based on incoming data
      • Personalises experience based on incoming data
      • Persists the experience between sessions
      • Links application data with incoming data
Edugate
Identity Providers
  •   Institutes of Technology
  •   Universities
  •   Research agencies on the HEAnet network
  •   Expanded set in the future
Edugate
– Potential Services
  •   Institutional services
          » Any website requiring a login [for non-campus users]
  •   Shared services
          » HEAnet services, An Cheim services, IReL, NDLR
  •   Academic content
          » Publishers (EBSCO, Elsevier, JSTOR) and databases
  •   Research portals
          » Or any cross-institutional research group resource
  •   Organisations offering academic discount
          » Microsoft Dreamspark, o2, Travelcard
Edugate
  – Potential Services
* Bodington.org, Condor, Confluence Wiki, Darwin Streaming, Dokuwiki, Drupal, DSpace,
  eAcademy, Fedora Repository, Google Apps, GridSphere/GridShib, Dawsonera
* Horde, Joomla, LionShare, MediaWiki, Mahara, MyProxy, Napster, PHEAA, Sharepoint,
  SYMPA, Symplicity, TargetConnect
* TWiki, uPortal, WordPress, Zope + Plone, Live@edu, ArtSTOR, Elluminate, CSA,
  Digitalbrain, EBSCO, Elsevier
* Science Direct, ExLibris, JSTOR, The Literary Encyclopedia, Metapress, Moodle, OCLC,
  Ovid, Project MUSE, Thomson Reuters
* Proquest, Serial Solutions, SCRAN, Thomson Gale, EZproxy, Blackboard, CLIX, Sakai,
  WebAssign, WebCT, TurnItIn, Zetoc
Edugate
    – Internationally
AT  ACOnet-AAI
AU  Australian Access Federation (AAF)
CA  Canadian Access Federation (CAF)
CH  SWITCHaai
CZ  eduID.cz
DE  DFN-AAI
DK  WAYF
ES  SIR
FI  Haka
FR  Fédération Éducation-Recherche
GR  GRNET
HR  AAI@EduHr
HU  NIIF AAI
IE  Edugate
IT  IDEM
LV  LAIFE
NL  SURFnet
NO  FEIDE
PT  RCTSaai
SE  SWAMID
UK  UK Access Management Federation for Education and Research
US  InCommon
eduGAIN to connect these federations
UK Access Mgmt. Fed.
•   Athens was proprietary and library-only
•   Open standards were used for non-library services
•   The UK Access Management Federation provides an alternative to Athens:
    a single access platform serving both library and non-library services
•   800 members; all UK Higher Education Institutions have joined the
    UK Access Management Federation
•   50% of those institutions use it to gain access to library content
    using Shibboleth
•   50% use the Athens Gateway to reach federated access
•   Approximately 50% of publishers support Shibboleth
Edugate
   Based on the SAML2 Protocol
     • Interoperable Web-SSO Profile (saml2int.org)
         – Shibboleth 2, simpleSAMLphp
         – Oracle, IBM, Ping and Microsoft ADFS v2

Implementation
   – Service Provider
      • Web server plug-in (optional application integration)
   – Identity Provider
      • Web application with connection to campus directory
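The SAML2 Web-SSO exchange behind the "web server plug-in" and the IdP described above, as an added example (not code from the slides, from Shibboleth or from simpleSAMLphp). It builds the SP's AuthnRequest on the HTTP-Redirect binding, decodes it as the IdP would, and then runs the checks an SP must make before trusting a Response: Destination, InResponseTo, Issuer, validity window and Audience. Entity IDs, endpoints and the Response itself are constructed; XML signature verification against the IdP key published in federation metadata is assumed to have run first and is not modelled here.

```python
import base64
import uuid
import zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlencode, urlparse

# Hypothetical entity IDs and endpoints (not taken from the slides).
SP_ENTITY_ID = "https://library.um.ie/shibboleth"
SP_ACS_URL = "https://library.um.ie/Shibboleth.sso/SAML2/POST"
IDP_ENTITY_ID = "https://idp.um.ie/idp/shibboleth"
IDP_SSO_URL = "https://idp.um.ie/idp/profile/SAML2/Redirect/SSO"
NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
FMT = "%Y-%m-%dT%H:%M:%SZ"


def build_authn_request(now):
    """SP side: AuthnRequest on the HTTP-Redirect binding.
    The XML is raw-DEFLATEd, base64-encoded and URL-encoded into SAMLRequest."""
    request_id = "_" + uuid.uuid4().hex
    xml_text = (
        f'<samlp:AuthnRequest xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}"'
        f' ID="{request_id}" Version="2.0" IssueInstant="{now.strftime(FMT)}"'
        f' Destination="{IDP_SSO_URL}" AssertionConsumerServiceURL="{SP_ACS_URL}"'
        f' ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">'
        f'<saml:Issuer>{SP_ENTITY_ID}</saml:Issuer></samlp:AuthnRequest>')
    z = zlib.compressobj(9, zlib.DEFLATED, -15)  # wbits=-15: raw deflate, no zlib header
    payload = base64.b64encode(z.compress(xml_text.encode()) + z.flush()).decode()
    query = urlencode({"SAMLRequest": payload, "RelayState": "/catalogue"})
    return request_id, f"{IDP_SSO_URL}?{query}"


def decode_redirect_request(url):
    """IdP side: reverse the binding and return the request ID it must echo back."""
    payload = parse_qs(urlparse(url).query)["SAMLRequest"][0]
    xml_text = zlib.decompress(base64.b64decode(payload), -15).decode()
    return ET.fromstring(xml_text).get("ID")


def make_response(request_id, now, audience=SP_ENTITY_ID, destination=SP_ACS_URL):
    """Constructed, unsigned IdP Response for the demo; real ones carry an XML signature."""
    nb = (now - timedelta(minutes=1)).strftime(FMT)
    noa = (now + timedelta(minutes=5)).strftime(FMT)
    return (
        f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}"'
        f' ID="_{uuid.uuid4().hex}" Version="2.0" IssueInstant="{now.strftime(FMT)}"'
        f' Destination="{destination}" InResponseTo="{request_id}">'
        f'<saml:Issuer>{IDP_ENTITY_ID}</saml:Issuer>'
        f'<saml:Assertion ID="_{uuid.uuid4().hex}" Version="2.0" IssueInstant="{now.strftime(FMT)}">'
        f'<saml:Issuer>{IDP_ENTITY_ID}</saml:Issuer>'
        f'<saml:Conditions NotBefore="{nb}" NotOnOrAfter="{noa}">'
        f'<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>'
        f'</saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>')


def check_response(response_xml, outstanding_request_ids, now):
    """SP side: the checks that stop replay, redirection and cross-SP reuse.
    Returns the list of failed checks; an empty list means accept.
    Signature verification against the IdP key from federation metadata is
    assumed to have happened before this point and is not modelled."""
    root = ET.fromstring(response_xml)
    failed = []
    if root.get("Destination") != SP_ACS_URL:
        failed.append("Destination")        # response aimed at another endpoint
    if root.get("InResponseTo") not in outstanding_request_ids:
        failed.append("InResponseTo")       # unsolicited or replayed response
    if root.findtext("saml:Issuer", namespaces=NS) != IDP_ENTITY_ID:
        failed.append("Issuer")
    cond = root.find("saml:Assertion/saml:Conditions", NS)
    nb = datetime.strptime(cond.get("NotBefore"), FMT).replace(tzinfo=timezone.utc)
    noa = datetime.strptime(cond.get("NotOnOrAfter"), FMT).replace(tzinfo=timezone.utc)
    if not (nb <= now < noa):
        failed.append("validity window")    # expired or not-yet-valid assertion
    audiences = [a.text for a in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
    if SP_ENTITY_ID not in audiences:
        failed.append("Audience")           # assertion was issued for a different SP
    return failed


def sso_demo():
    """Walk the exchange once and return the outcome of each check."""
    now = datetime.now(timezone.utc).replace(microsecond=0)
    request_id, url = build_authn_request(now)
    assert decode_redirect_request(url) == request_id
    outstanding = {request_id}
    return {
        "good": check_response(make_response(request_id, now), outstanding, now),
        "other_sp": check_response(make_response(request_id, now, audience="https://other.example/sp"),
                                   outstanding, now),
        "stale": check_response(make_response(request_id, now), outstanding, now + timedelta(minutes=10)),
        "replay": check_response(make_response("_unknown", now), outstanding, now),
    }


if __name__ == "__main__":
    print(sso_demo())
```

The InResponseTo check is only as good as the bookkeeping behind it: the SP must record each request ID it issues and delete it once a Response has been consumed, otherwise the same assertion can be posted to the ACS twice within its validity window.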
Edugate – SAML
Z39.50 Protocol (federated search)
     • Search multiple targets at the same time
     • Retrieve records

SAML Protocol (federated access)
     • Authenticate with multiple targets as needed
     • Authorise access at each target
Edugate
Authentication
     • Responsibility of the institution (the IdP)
     • Usually LDAP, but other options available

Authorisation
   – Controlled by the service provider
   – Institution can filter users before the service provider sees them
     (attribute release policy at the IdP)
   – Based on the user's attributes
Edugate
Attributes
   • givenName, surname, email & organisation
      – Joseph, Bloggs, joe.bloggs@um.ie, University of Mullingar
   • eduPersonPrincipalName
      – jblgs-stu133@um.ie
   • eduPersonTargetedID (opaque, and different for each service provider)
      – a44ffed231eda7b7a7d
   • eduPersonScopedAffiliation
      – student@um.ie, library-walk-in@um.ie
   • eduPersonEntitlement
      – urn:mace:heanet.ie:media:write
Edugate
   Attributes: eduPersonScopedAffiliation values

   student          undergraduate or postgraduate
   staff            all staff
   faculty          to distinguish teaching staff
   employee         employee other than staff/faculty (e.g., contractor)
   member           comprises all the categories named above
   affiliate        relationship short of full member
   alum             alumnus (graduate)
   library-walk-in  person physically present in the library
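Both halves of the authorisation model above (the institution filtering before release, the service provider deciding on attributes), as an added example that is not part of the slides or of Shibboleth. Directory entries, the release policy, the registered scopes and all entity IDs are constructed. The point to take from it is the scope check: a value such as student@um.ie is only meaningful if federation metadata says the asserting IdP owns the scope um.ie; an SP that skips that check lets any federation member assert another institution's affiliations.

```python
IDP_ENTITY_ID = "https://idp.um.ie/idp/shibboleth"   # hypothetical
IDP_SCOPE = "um.ie"
MEMBER_AFFILIATIONS = {"student", "staff", "faculty", "employee"}  # these imply "member"

# Constructed directory entries standing in for campus LDAP.
DIRECTORY = {
    "jbloggs": {"givenName": "Joseph", "sn": "Bloggs", "mail": "joe.bloggs@um.ie",
                "affiliations": {"student"}, "entitlements": set()},
    "mmurphy": {"givenName": "Mary", "sn": "Murphy", "mail": "m.murphy@um.ie",
                "affiliations": {"staff", "faculty"},
                "entitlements": {"urn:mace:heanet.ie:media:write"}},
    "guest42": {"givenName": None, "sn": None, "mail": None,
                "affiliations": {"library-walk-in"}, "entitlements": set()},
    "oldboy":  {"givenName": "Pat", "sn": "Kelly", "mail": None,
                "affiliations": {"alum"}, "entitlements": set()},
}

# Constructed IdP release policy, keyed by SP entityID: which attributes the SP
# may see, and which affiliations the institution lets through to it at all.
RELEASE_POLICY = {
    "https://publisher.example/shibboleth": {
        "release": {"eduPersonScopedAffiliation"},
        "admit": {"student", "staff", "faculty", "library-walk-in"},
    },
    "https://media.heanet.ie/shibboleth": {
        "release": {"eduPersonScopedAffiliation", "eduPersonEntitlement", "mail", "givenName", "sn"},
        "admit": {"member"},
    },
}


def idp_release(uid, sp_entity_id):
    """IdP side, after authentication: decide what (if anything) to assert to this SP.
    Returns None when the institution filters the user out before the SP sees them."""
    user = DIRECTORY[uid]
    policy = RELEASE_POLICY[sp_entity_id]
    affiliations = set(user["affiliations"])
    if affiliations & MEMBER_AFFILIATIONS:
        affiliations.add("member")
    if not affiliations & policy["admit"]:
        return None
    full = {
        "eduPersonScopedAffiliation": sorted(f"{a}@{IDP_SCOPE}" for a in affiliations),
        "eduPersonEntitlement": sorted(user["entitlements"]),
        "mail": [user["mail"]] if user["mail"] else [],
        "givenName": [user["givenName"]] if user["givenName"] else [],
        "sn": [user["sn"]] if user["sn"] else [],
    }
    return {k: v for k, v in full.items() if k in policy["release"] and v}


# SP side. Scopes each IdP may assert, as published in federation metadata (constructed).
REGISTERED_SCOPES = {
    IDP_ENTITY_ID: {"um.ie"},
    "https://idp.rogue.example/idp/shibboleth": {"rogue.example"},
}
READ_AFFILIATIONS = {"student", "staff", "faculty", "employee", "member", "library-walk-in"}
WRITE_ENTITLEMENT = "urn:mace:heanet.ie:media:write"


def scoped_values(attributes, name, issuer):
    """Split value@scope pairs and drop any whose scope the issuing IdP does not own.
    Without this check a rogue IdP could assert student@um.ie and inherit um.ie's licences."""
    allowed = REGISTERED_SCOPES.get(issuer, set())
    kept = []
    for raw in attributes.get(name, []):
        value, sep, scope = raw.rpartition("@")
        if sep and scope.lower() in allowed:
            kept.append(value)
    return kept


def sp_authorise(issuer, attributes):
    """SP side: map the scope-checked attributes to an access level."""
    if attributes is None:
        return "denied: no assertion"
    affiliations = set(scoped_values(attributes, "eduPersonScopedAffiliation", issuer))
    if not affiliations & READ_AFFILIATIONS:
        return "denied: no qualifying affiliation"
    if WRITE_ENTITLEMENT in attributes.get("eduPersonEntitlement", []):
        return "write"
    return "read"


def authz_demo():
    """Run the constructed users through both sides and return the decisions."""
    pub, media = "https://publisher.example/shibboleth", "https://media.heanet.ie/shibboleth"
    rogue = "https://idp.rogue.example/idp/shibboleth"
    return {
        "student_at_publisher": sp_authorise(IDP_ENTITY_ID, idp_release("jbloggs", pub)),
        "staff_at_media": sp_authorise(IDP_ENTITY_ID, idp_release("mmurphy", media)),
        "walkin_at_publisher": sp_authorise(IDP_ENTITY_ID, idp_release("guest42", pub)),
        "walkin_at_media": sp_authorise(IDP_ENTITY_ID, idp_release("guest42", media)),
        "alum_at_publisher": sp_authorise(IDP_ENTITY_ID, idp_release("oldboy", pub)),
        "rogue_idp": sp_authorise(rogue, {"eduPersonScopedAffiliation": ["student@um.ie"]}),
        "released_to_publisher": sorted(idp_release("jbloggs", pub)),
    }


if __name__ == "__main__":
    for case, decision in authz_demo().items():
        print(f"{case}: {decision}")
```

Note that the publisher never receives a name or e-mail address: the release policy is where "personal, non-personal or none" is decided, and the SP's decision still works because it only needs the affiliation.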
Why use Edugate...
 •   Reduce account provisioning for walk-in and campus users
 •   Reduce the number of passwords for your users
 •   Reduce the number of prompts for those passwords
 •   Filter user access to content by affiliation or special groups
 •   Stop worrying about licences and users on your wifi network or open
     terminals (access follows the authenticated user, not the IP address)
 •   Start to eliminate abuse of shared credentials/generic accounts
 •   IPv4 to IPv6 migration (193.1.200.412 vs 2002:c101:e4a5::c101:e4a5):
     IP-range licensing gets harder to maintain, federated login is address-independent
 •   Enhanced personalisation, without losing privacy
 •   No fee
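How eduPersonTargetedID delivers "personalisation without losing privacy", as an added example (not the slides' or Shibboleth's code). It derives a pairwise identifier, checks the properties that make it safe to release widely, and shows why the IdP-side salt matters. Entity IDs, usernames and the salt are constructed; the derivation is modelled on Shibboleth's computed ID (a hash over the user's stable local identifier, the SP entityID and a secret salt) but the HMAC-SHA256 construction is this example's own choice.

```python
import base64
import hashlib
import hmac

# Hypothetical entityIDs (not from the slides).
IDP_ENTITY_ID = "https://idp.um.ie/idp/shibboleth"
CATALOGUE_SP = "https://catalogue.um.ie/shibboleth"
PUBLISHER_SP = "https://publisher.example/shibboleth"
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"

# Constructed secret held only by the IdP. Rotating or losing it changes every
# user's identifier at every SP (all saved preferences orphaned): treat it as a key.
IDP_SALT = b"constructed-salt-known-only-to-the-idp"


def targeted_id(local_id, sp_entity_id, salt=IDP_SALT):
    """Pairwise, persistent, opaque identifier for one user at one SP.
    Keyed hash over the user's stable local identifier and the SP's entityID;
    the HMAC-SHA256 choice is an assumption of this example."""
    message = f"{local_id}!{sp_entity_id}".encode()
    return base64.b64encode(hmac.new(salt, message, hashlib.sha256).digest()).decode()


def name_id_element(local_id, sp_entity_id):
    """How the value travels in SAML: a persistent NameID qualified by both parties."""
    return (f'<saml:NameID Format="{PERSISTENT}" NameQualifier="{IDP_ENTITY_ID}"'
            f' SPNameQualifier="{sp_entity_id}">'
            f'{targeted_id(local_id, sp_entity_id)}</saml:NameID>')


def recover_local_id(observed_id, sp_entity_id, candidates, salt):
    """Dictionary attack an SP (or anyone holding the IDs) can run if it knows the
    salt, or if there is none. Campus usernames follow predictable patterns, so the
    candidate list is small; the secret salt is what stops this."""
    for uid in candidates:
        if targeted_id(uid, sp_entity_id, salt) == observed_id:
            return uid
    return None


def targeted_id_demo():
    """Properties the identifier must have, and the failure the salt prevents."""
    at_catalogue = targeted_id("jbloggs", CATALOGUE_SP)
    at_publisher = targeted_id("jbloggs", PUBLISHER_SP)
    guesses = ["mmurphy", "jbloggs", "pkelly"]   # constructed candidate list
    return {
        # persistence: the same value every session at the same SP
        "stable_across_sessions": at_catalogue == targeted_id("jbloggs", CATALOGUE_SP),
        # privacy: catalogue and publisher cannot match their records on this value
        "differs_per_sp": at_catalogue != at_publisher,
        "differs_per_user": at_catalogue != targeted_id("mmurphy", CATALOGUE_SP),
        # an unsalted (or salt-leaked) scheme is invertible by dictionary attack
        "unsalted_recovered": recover_local_id(targeted_id("jbloggs", PUBLISHER_SP, b""),
                                               PUBLISHER_SP, guesses, b""),
        # the same attack against the salted value gets nowhere
        "salted_recovered": recover_local_id(at_publisher, PUBLISHER_SP, guesses, b""),
    }


if __name__ == "__main__":
    print(targeted_id_demo())
    print(name_id_element("jbloggs", PUBLISHER_SP))
```

The persistence property depends on the local identifier fed into the hash: derive it from a key the directory never reassigns, not from a username that can be reissued to a later student, or the next holder of the username inherits the previous one's identity and saved preferences at every SP.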
Edugate on Campus
IT department sets up the identity provider service (IdP)
Any other department can opt to accept a federated login (SP)
  – Library can opt to replace EZproxy URLs in the catalogue
  – Library can opt to enable federated login to the library website and repositories
  – Library can opt to integrate EZproxy with the IdP
Edugate on Campus
IT department sets up the identity provider service (IdP)

IADT, UCD, CIT, DKIT, TCD, NUIM, NUIG, ITT, WIT, LIT, DCU, DIT, UL, DIAS, NCAD
Edugate on Campus
  [Diagram: User → Catalogue with EZproxy → Publisher content (several publishers); EZproxy checks users against LDAP]
Edugate on Campus
  [Diagram: User → Catalogue with EZproxy → Publisher content; EZproxy now authenticates via the campus Shibboleth IdP (Shibb), which is backed by LDAP]
Edugate on Campus
  [Diagram: as above, plus non-library services reached directly through the Shibboleth IdP]
Edugate on Campus
  [Diagram: User → Catalogue (with Shibb) → Publisher content; Shibboleth IdP backed by LDAP; the same IdP serves non-library services]
Edugate on Campus
  [Diagram: User → Catalogue (without EZproxy) → Publisher content; Shibboleth IdP backed by LDAP; non-library services on the same IdP]
Hybrid Edugate on Campus
  [Diagram: User → Catalogue (some EZproxy, some Shibb) → Publisher content; Shibboleth IdP backed by LDAP; non-library services]
Edugate on Campus
  [Diagram: User → Repository (with Shibb), full upload or preferences; three Shibboleth IdPs, each backed by its own LDAP]
Edugate for non-academic libraries
  [Diagram: User → Repository (with Shibb), full upload or preferences; three Shibboleth IdPs, each backed by its own LDAP]
When to use EZ, Shibb or other
Edugate on Campus
(Assuming a service supports Shibboleth)
Use Shibboleth...
•   if you intend to take advantage of fine-grained access control
•   if the service offers personalisation and persistent sessions (e.g. saved search
    results, search preferences)
•   if the content of the service is frequently reached from a Google search rather
    than a search of your OPAC (thus bypassing your EZproxy URLs)
•   if Shibboleth is frequently used to access other services like student email and
    you want to avail of single sign-on with no re-authentication prompts
Edugate on Campus
Some services do not support a Shibboleth login yet.
•   Use EZproxy for services with no personalisation features, for services that don't
    feature in Google results, and for services that don't support Shibboleth
•   Use EZproxy with Shibboleth for these non-personalised services if your campus uses
    Shibboleth for other frequently accessed services (thus benefiting from single sign-on)

•   Use Shibboleth if any of the reasons listed on the previous slide fit
IdP Configuration
  [Diagram: SP admins and IdP admins register their entities in the Edugate Resource Registry (backed by a DB); the registry produces the Shibb config files for each Shibboleth IdP; non-Shibboleth IdPs also connect to the registry]
Lir glenn wearen
