Successfully reported this slideshow.
Shibboleth session @
                   IGeLU Ghent Meeting
                            2010
                             ...
Agenda

                   • Shibboleth implementation challenges at
                          SFX, MetaLib, DigiTool, Ale...
Agenda

                   • Hooking up SFX into Shibboleth Service
                          Provider
                   ...
Case studies




Wednesday, 15 September 2010
Charles University in
                             Prague
                   • 100 % Shibboleth access @ e-resources
     ...
Czech National Library

                   • just implemented Shibboleth IdP 2
                   • EZproxy, HAN
         ...
Academy Of Sciences
                           Library
                   • just implemented Shibboleth IdP 2.1.5
        ...
Shibboleth & SFX


                   • Not supported by PDS
                   • Implementation proxy style


Wednesday, ...
Shibboleth & SFX

                   • Challenges
                    • giving up user authentication at SFX,
            ...
Shibboleth & SFX


                   • 1: one user group - one institution in SFX
                          instance
    ...
Shibboleth & SFX
                   •      AZ (subscribed and free e-journals for one or
                          more in...
Shibboleth & SFX
                   • MARCit! (subscribed and free e-journals
                          for one or more in...
Shibboleth & SFX

                   • Export (subscribed and free e-journals for
                          one or more in...
Shibboleth & SFX
                   • Google Scholar exports (subscribed and
                          free e-journals for...
Shibboleth & SFX

                   • RSI (subscribed and free e-journals for one
                          or more insti...
Shibboleth & SFX

                   • Possibility to implement Shibboleth
                          authentication as ext...
Shibboleth & SFX


                   • Challenges
                    • possibility to set up just one Institute or
     ...
Shibboleth & MetaLib

                   • Supported by PDS
                   • Challenges
                    • just one...
Shibboleth & DigiTool

                   • Supported by PDS
                   • Challenges
                    • just on...
Shibboleth & Aleph

                   • Supported by PDS

                   • One affiliation per user considered in
    ...
Aleph as users
                                identities source
                   • CAS - LDAP sync using ORACLE scripts...
Shibboleth & Primo,
                             Primo Central

                   • Supported by PDS
                   •...
Multiple affiliations
                                    solutions
                   • User selection of primary user affi...
PDS hints


                   • Support for Shibboleth 2
                   • Support for Single Logout


Wednesday, 15 S...
Shibboleth hands-on
                   • Charles University E-resources Portal
                    • pez.cuni.cz
         ...
Contact

                      Jiří Pavlík
                      CESNET / Charles University in Prague
                   ...
Upcoming SlideShare
Loading in …5
×

Shibboleth session @ IGeLU Ghent Meeting 2010

1,286 views

Published on

Presentation from Shibboleth session at IGeLU conference in Ghent

Published in: Education
  • Be the first to comment

Shibboleth session @ IGeLU Ghent Meeting 2010

  1. 1. Shibboleth session @ IGeLU Ghent Meeting 2010 Ghent University, September 1st 2010 Wednesday, 15 September 2010
  2. 2. Agenda • Shibboleth implementation challenges at SFX, MetaLib, DigiTool, Aleph • Solutions for missing support for multiple affiliations at SFX, MetaLib, DigiTool authorisation Wednesday, 15 September 2010
  3. 3. Agenda • Hooking up SFX into Shibboleth Service Provider • Aleph as a primary identity source • Working with e-resources in Shibboleth environment hands-on Wednesday, 15 September 2010
  4. 4. Case studies Wednesday, 15 September 2010
  5. 5. Charles University in Prague • 100 % Shibboleth access @ e-resources • EZproxy as Shibboleth gateway • MetaLib, SFX, Aleph, DigiTool • University Information System as primary users identities source, LDAP, IdP 2.1.5-slo Wednesday, 15 September 2010
  6. 6. Czech National Library • just implemented Shibboleth IdP 2 • EZproxy, HAN • MetaLib, SFX, Aleph • Aleph as primary users identities source • ML, SFX - National Information Gateway Wednesday, 15 September 2010
  7. 7. Academy Of Sciences Library • just implemented Shibboleth IdP 2.1.5 • EZproxy, Squid HTTP proxy • MetaLib, SFX, Aleph • Aleph as primary user identities source Wednesday, 15 September 2010
  8. 8. Shibboleth & SFX • Not supported by PDS • Implementation proxy style Wednesday, 15 September 2010
  9. 9. Shibboleth & SFX • Challenges • giving up user authentication at SFX, resources activation for DEFAULT institute • consequences - menu, AZs, exports, MARCit!, Google Scholar export, RSI, Verde Wednesday, 15 September 2010
  10. 10. Shibboleth & SFX • 1: one user group - one institution in SFX instance • N: several user groups - several institutions in SFX instance Wednesday, 15 September 2010
  11. 11. Shibboleth & SFX • AZ (subscribed and free e-journals for one or more institution), selective inheritance • 1 • exclude in AZ for DEFAULT if used • N • exclude - doesn’t solve different selective subscriptions by two or more institutions • or disable inheritance and give up free Open- Access e-journals in institutions AZs Wednesday, 15 September 2010
  12. 12. Shibboleth & SFX • MARCit! (subscribed and free e-journals for one or more institution), auto inheritance •I • no change •N • export SPECIFIC targets Wednesday, 15 September 2010
  13. 13. Shibboleth & SFX • Export (subscribed and free e-journals for one or more institution), auto inheritance •I • no change •N • export SPECIFIC targets Wednesday, 15 September 2010
  14. 14. Shibboleth & SFX • Google Scholar exports (subscribed and free e-journals for one or more institution), auto inheritance •I • no change •N • faulty institutions exports Wednesday, 15 September 2010
  15. 15. Shibboleth & SFX • RSI (subscribed and free e-journals for one or more institution), auto inheritance •I • no change •N • faulty institutions exports Wednesday, 15 September 2010
  16. 16. Shibboleth & SFX • Possibility to implement Shibboleth authentication as external script • http://sfx.jib.cz/sfxkiv3/cgi/public/ user_cookie.cgi? • SFX v3 Advanced User Guide, Setting user_profile Cookies Wednesday, 15 September 2010
  17. 17. Shibboleth & SFX • Challenges • possibility to set up just one Institute or Group in institute variable Wednesday, 15 September 2010
  18. 18. Shibboleth & MetaLib • Supported by PDS • Challenges • just one affiliation per user considered in authorisation Wednesday, 15 September 2010
  19. 19. Shibboleth & DigiTool • Supported by PDS • Challenges • just one affiliation per user considered in authorisation Wednesday, 15 September 2010
  20. 20. Shibboleth & Aleph • Supported by PDS • One affiliation per user considered in authorisation doesn’t matter Wednesday, 15 September 2010
  21. 21. Aleph as users identities source • CAS - LDAP sync using ORACLE scripts • CNL - MULTIDATA Praha - Dynamic LDAP • http://www.multidata.cz/english/universal- dynamic-ldap-server Wednesday, 15 September 2010
  22. 22. Shibboleth & Primo, Primo Central • Supported by PDS • no experiences yet, sorry Wednesday, 15 September 2010
  23. 23. Multiple affiliations solutions • User selection of primary user affiliation/ entitlement at IdP • IdP provide selected affiliation at eduPersonEntitlement or xxxPersonPrimaryEntitlement Wednesday, 15 September 2010
  24. 24. PDS hints • Support for Shibboleth 2 • Support for Single Logout Wednesday, 15 September 2010
  25. 25. Shibboleth hands-on • Charles University E-resources Portal • pez.cuni.cz • testing affiliates welcomed :-) Wednesday, 15 September 2010
  26. 26. Contact Jiří Pavlík CESNET / Charles University in Prague http://www.cuni.cz/~pavlik Wednesday, 15 September 2010

×