1 / 10

Some thoughts on Authentication in general….and Shibboleth in particular

Some thoughts on Authentication in general….and Shibboleth in particular. James Mouw Asst. Director for Technical and Electronic Services The University of Chicago Library Mouw@uchicago.edu. What we believe.

jackieharris
Download Presentation

Some thoughts on Authentication in general….and Shibboleth in particular

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Some thoughts on Authentication in general….and Shibboleth in particular James Mouw Asst. Director for Technical and Electronic Services The University of Chicago Library Mouw@uchicago.edu

  2. What we believe • Shibboleth is one solution for authentication, it is not now and likely never will be the only solution • Shibboleth has many applications beyond library resources

  3. Our Environment • Library controls resources and access mechanisms • Full text and indexing resources • Catalog records • OpenURL, Federated Search • Persistent URL mechanism with redirects • Library Web Page • Various servers, AD for library machines • Public work stations

  4. Our Environment • Campus IT controls • The plumbing • The campus identity management • Security • Remote access • Modem pool, web-based access, VPN, [remote desktop], connectivity package • Basic software adoption – which browsers to support, etc. • The Proxy server(s)

  5. Our planning process • Joint work group – campus IT and library staff • Meeting bi-weekly since fall 2004 • Originally planned to have two groups, one for EXProxy and another for Shib – later merged into one task

  6. Brief history • First library e-resources ~1995 • First proxy server (Squid) ?? (before 1999) • Browser specific, not transportable, didn’t work with many products • Move to EZProxy – January 2006 (URL rewriting technology) • Main issue is links we don’t/can’t control • Fundamental step toward standard operating procedures • Squid to be retired – Summer 2006 • Shibboleth in test

  7. Status of Shibboleth • Planning begins fall 2004 • Membership in InCommon • Shibboleth v.1.3 IdP production April 2006 • Campus ID management in place • Single directory with attributes • Bulk of our time spent on new style of URL management and implications

  8. Trialing Phase • Trial underway with Ebsco Publishing • Plans for OCLC, JSTOR and others

  9. Beyond Library Resources • Use shib internally for all logical authentication • EZProxy • Restricted campus files – based on LDAP attributes • Single signon (Nirvana?)

  10. Next steps • Tom Barton: • Shib just goes in our bag of tricks – for vendors offering ASP-based services, for grid computing activities.

More Related