This presentation was provided by Ellen Rotenberg and Rick Stevenson, both of Clarivate Analytics, during the NISO Webinar, Engineering Access Under the Hood, Part One, held on Wednesday, November 1, 2017.
6. 6
Service Provider - SSO setup process
1. SSO setup request made and required information provided
2. Metadata exchange
3. Load Metadata
4. Install IdP certificates into Service Provider trusted store
5. Federation’s IdP Discovery Service URL setup
6. IdP Assertion Attribute Configuration based on provided information from Federation/IDP
7. Personalized Attribute Configuration
8. Product Entitlement Configuration (the fact of having a right to certain product content or functionality)
9. Generate WAYFLESS urls
10. Test SSO
11. 11
Key Challenges and Recommended Solutions
Challenges Recommended Solutions
q Communication between business and technology
groups across both Service Providers and Clients
ü Talk early, talk often
q IdP assertion attribute mismatch ü Adopt standards in how assertion attributes are
released by institutions (IdPs).q Personalization attribute issues
q WAYFLESS url requests
ü Adopt standards in how Service Providers should
construct WAYFLESS URLs.
q Outdated Metadata ü Automate the daily refresh of IdP and SP Metadata
q Forcing users to create additional accounts ü Move away from IP authentication, in favor of SSO
ü Service Providers implement smarter access
paradigms
q User confusion when navigating within Service
Provider resources