Presentation is loading. Please wait.

Presentation is loading. Please wait.

CNI Spring 2006 Task Force Meeting

Published byEvangeline Daniel Modified over 5 years ago

Similar presentations

Presentation on theme: "CNI Spring 2006 Task Force Meeting"— Presentation transcript:

1 CNI Spring 2006 Task Force Meeting
Shibboleth for Real Oren Beit-Arie Ex Libris Group CNI Spring 2006 Task Force Meeting April 3-4, 2006 – Arlington, VA

2 Shibboleth and Ex Libris – Past Work
Project Goals Establish SFX as a Shibboleth target (Service Provider) Main motivation: enable role-based features Started discussions with the Internet2/Shibboleth group in Summer 2001 Integrated SFX as a Shibboleth Target (0.9…) as part of Pilot/Alpha Testing in 2002 Rolled out test system to 2 Pilot sites Conclusion - too early to assess the value of such an integration Early stage of Shibboleth development No real Shibboleth adoption in libraries Not enough biz case: role-based entitlements in SFX weren’t a priority

3 Shibboleth and Ex Libris – Current Work
Goals: Focus on local library system’s integration with Shib Specific interest in consortia (including hybrid shib/non-shib) Method: ‘Shibbolize’ the Patron Directory Services (PDS) module

4 Patron Directory Services (PDS) Module
Aleph Authentication AuthN sys Credentials/ID MetaLib Authentication PDS DigiTool Authentication User File * Facilitates a single point of integration with authentication systems for Ex Libris products * Simplifies maintenance * Provides infrastructure for single sign-on (SSO) across Ex Libris products * Accommodates consortia with different institutional AuTN/AuTZ services * Enables easier integration with institutional frameworks (e.g. Shibboleth) Other Applications Other Authentication Systems ID/Attributes

5 PDS – Authentication hub to Shibboleth
AuthN sys Credentials/ID PDS User File Other Applications ID/Attributes

6 Shibboleth and Ex Libris – Current Work
Began working with several MetaLib customers Summer 2005 PDS serves dual roles as the Shibboleth Service Provider and, in consortia, as the Shibboleth WAYF SSO fully or partially implemented to suit institutional MetaLib workflow Results – successful implementations at three MetaLib sites Some good input on future direction… Help identify pre-requisites

7 Current Integration Projects
University System of Maryland (USMAI) successfully implemented MetaLib/Shibboleth integration in a test environment National Library of Finland (FinELib) upgraded existing MetaLib/Shibboleth integration As of late-February 2006, six FinELib institutions are live with with a seventh institution nearly complete University of Newcastle upon Tyne completed beta testing MetaLib/Shibboleth integration Included an automatic sign-in (SSO) Uni of Newcastle’s implementation differs from USMAI and FinELib: At Newcastle, a user with a Shibboleth session is automatically logged in to MetaLib – SSO is fully configured – while users who do not have a Shibboleth session access MetaLib as guests. At FinELib and USMAI, users access MetaLib as guests with Shibboleth authentication invoked only after a subsequent login request by the user.

8 Lessons Learned PDS/MetaLib implementations vary – requires flexibility to accommodate customer’s unique requirements Shibboleth/PDS/MetaLib integration approaches also vary to accommodate the authentication/authorization workflow of each customer’s unique environment… Customers must have a good technical understanding of Shibboleth, PDS/MetaLib Recent projects enabled Ex Libris to identify customer prerequisites for successful PDS/Shibboleth integration with MetaLib Ex.Pre-Reqs: Implement a Shibboleth Identity Provider that can provide user attributes necessary for MetaLib to make authorization decisions Implement logout functionality suitable for their environment Implement the latest versions of MetaLib and related components Integration with Shibboleth Version 1.2 or 1.3 is supported

9 Next Steps Gradually roll out Shibboleth support for MetaLib – general release TBD Continue working with customers interested in ‘Shibbolizing’ PDS for MetaLib authentication Interested customers must complete integration prerequisites Continue documenting guidelines and best practices for successful Shibboleth/PDS/Ex Libris product integration

10 Open Issues Policies/Guidelines Functions/scenarios Development:
Is there a need for better support or consultancy mechanisms to support large-scale implementation? Federations: InCommon, HAKA - what about the rest of the world? Functions/scenarios Sign-off (Shib v.2?) How to accommodate multiple roles of users? Development: Shib & Metasearch - API/Web services (v.2?) Be able to release OpenURL’s baseURL attribute

11 Oren Beit-Arie oren@exlibris-usa.com
Shibboleth for real Oren Beit-Arie

Download ppt "CNI Spring 2006 Task Force Meeting"

Similar presentations

Shibboleth at Cardiff University Lindsay Roberts Project Manager – Shibboleth Implementation Phase 2.

Shibboleth at Cardiff University Lindsay Roberts Project Manager – Shibboleth Implementation Phase 2.
FAME-PERMIS Project University of Manchester University of Kent London, July 2006.

FAME-PERMIS Project University of Manchester University of Kent London, July 2006.
Moodle@Kidderminster College An insight Into the College VLE Graham Mason gmason@kidderminster.ac.uk.

College An insight Into the College VLE Graham Mason
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
PDS User Management DigiTool Version 3.0. User Management 2 PDS Overview PDS Setup Single Sign On Agenda.

PDS User Management DigiTool Version 3.0. User Management 2 PDS Overview PDS Setup Single Sign On Agenda.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Beta Testing: The Contractor’s Perspective Trns·port User Group Meeting October 2005.

Beta Testing: The Contractor’s Perspective Trns·port User Group Meeting October 2005.
Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.

Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.
Enterprise Architecture 2013 ITLC & ITAG Leadership Meeting Discussion Points April 9, 2013.

Enterprise Architecture 2013 ITLC & ITAG Leadership Meeting Discussion Points April 9, 2013.
NELLI, The Finnish National Electronic Library Interface Ari Rouvari 9. - 11.6.2004 ELAG 2004 Trondheim.

NELLI, The Finnish National Electronic Library Interface Ari Rouvari ELAG 2004 Trondheim.
Building the Future: Millennium’s Relationship with Campus Systems and Services John Culshaw Faculty Director for Systems University of Colorado at Boulder.

Building the Future: Millennium’s Relationship with Campus Systems and Services John Culshaw Faculty Director for Systems University of Colorado at Boulder.
SALSA-NetAuth SALSA-FWNA BoF Kevin Miller Duke University Internet2 Member Meeting May 2005.

SALSA-NetAuth SALSA-FWNA BoF Kevin Miller Duke University Internet2 Member Meeting May 2005.
JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.

JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Academic Services Interactive Media Managing the Web with Java JA-SIG Winter 2002 Robert Sherratt Academic Services, Interactive Media.

Academic Services Interactive Media Managing the Web with Java JA-SIG Winter 2002 Robert Sherratt Academic Services, Interactive Media.
June 30, 2004CAMP Shibboleth Implementation Workshop Shibboleth Mockup - ARP GUI Management by Steven Carmody Brown University proxy Walter Hoehn.

June 30, 2004CAMP Shibboleth Implementation Workshop Shibboleth Mockup - ARP GUI Management by Steven Carmody Brown University proxy Walter Hoehn.
National Aeronautics and Space Administration Implementing DSpace at NASA Langley Research Center 1 Greta Lowe Librarian NASA Langley Research Center 757-864-9525.

National Aeronautics and Space Administration Implementing DSpace at NASA Langley Research Center 1 Greta Lowe Librarian NASA Langley Research Center

Similar presentations

Ads by Google