SlideShare ist ein Scribd-Unternehmen logo

Shibboleth SSO - Charles University case study

Jiri Pavlik
Jiri Pavlik

Presentation from IGeLU conference at Haifa University, September 11th 2011

TechnologieBildung
1 von 36
Downloaden Sie, um offline zu lesen
Shibboleth SSO - Charles University case study Jiri Pavlik CESNET / Charles University Computer Centre Haifa University, September 11th 2011
Agenda • Vision, goal, project • Implementation - SFX, MetaLib, Aleph, DigiTool • Sharing resources, future development
Welcome & enjoy :-)
Goal, vision • All library systems & electronic resources working in Single-Sign-On environment • Plan presented at IGeLU 2010 conference workshop in Ghent
Charles University in Prague context • 17 faculties, 3 institutes, hundreds of departments • 2 institutes jointly run with Czech Academy of Sciences • ~ 60 000 students and staff
Charles University in Prague context • SFX, bX, MetaLib, Aleph, DigiTool,Verde • EZproxy, E-resources Portal • ~150 subscribed electronic on-line resources, databases, ~65000 ejournals, ~51000 ebooks
Charles University in Prague context • decentralized subscription policy - not all resources are subscribed for all students and stuff
Charles University in Prague context • AAI: central LDAP, Shibboleth IdP • CESNET member • Czech Academic Identity Federation eduID.cz member • involved in national and international projects
Project • reach the goal - SSO • CESNET funded • case-study • guides • finish summer 2011
Project • SFX, MetaLib, Aleph, DigiTool • E-resources Portal • EZproxy • CMS - Document Globe • Streaming & Podcast servers
SFX • Shibboleth authentication is not supported, IP address based authentication only • Shibboleth WAYFless linking is supported
SFX • authentication method switched from IP address based to Shibboleth • EZproxy configured as a proxy • PROXY institution defined with IP address range 0.0.0.0 - 255.255.255.255 • institutions kept, but IP address ranges deleted • PROXY institution added to all targets and activated
SFX • WAYFless linking set up for all resources supporting Shibboleth authentication • (EZ)proxy linking set up for all resources without native Shibboleth authentication support • Implemented by Michael Zach & Jiri Pavlik
MetaLib • Shibboleth authentication is supported in PDS authentication module • multiple users affiliations are not supported in authorization
MetaLib • Shibboleth Service Provider installed & registered in eduID.cz federation • authentication method at PDS switched from LDAP to Shibboleth • set up WAYF skipping in SP configuration • authorization mapping tuned in MetaLib configuration, based on eduPersonEntitlement attribute values
MetaLib • CAS admin preferred primary affiliation functionality developed • Implemented by Martin Ledinsky & Jan Krajic & Michal Vocu & Jiri Pavlik
Aleph • Shibboleth authentication is supported in PDS authentication module • no authorization need
Aleph • Shibboleth Service Provider installed & registered in eduID.cz federation • authentication method at PDS switched from LDAP, Aleph to Shibboleth • Aleph authentication kept for ILL users • set up WAYF skipping in SP configuration
Aleph • Implemented by Jaro Sivak & Jan Krajic & Jiri Pavlik
DigiTool • Shibboleth authentication is supported in PDS authentication module • multiple users affiliations are supported in authorization
DigiTool • Shibboleth Service Provider installed & registered in eduID.cz federation • authentication method at PDS switched from LDAP, DigiTool to Shibboleth • separate IdP started for registered external users authentication - no anonymous access to diploma works
DigiTool • authorization mapping tuned in DigiTool configuration, based on eduPersonEntitlement attribute values • federated authentication set up • own WAYF, eduID.cz members and the external users IdPs are listed • Implemented by Andrea Fojtu & Jan Krajic & Michal Vocu & Jiri Pavlik
EZproxy • configured as a proxy pro SFX • set up authentication skipping for access from appropriate University IP address ranges • configurations for resources with native Shibboleth support kept as a backup access • Implemented by Petr Novak & Jiri Pavlik
Sharing resources • guides available at eduID.cz Wiki • http://www.eduid.cz/wiki/eduid/admins/howto/deploy/index#knihovni_systemy • using by: Masaryk University in Brno, Czech Academy of Sciences Library, National Technical Library, Moravian Library, Czech National Library, Tomas Bata University in Zlin, ... • kept updated
Sharing resources • presentations & consultations • test account • English translation, EL Commons? • special thanks to Ere Maijala and Ex Libris
Future development • SFX - Shibboleth authentication support for menu, AZ, statistics, ... • NERS Enhancement Request in current ballot - Institutes: add Shibboleth authentication
Future development • MetaLib - authorization supporting users multiple affiliations • Support Incident • MetaLib, Aleph, DigiTool - Single Logout • DigiTool - international authentication: eduGAIN, InCommon federation, ...
Future development • Academy of Sciences logins for the 2 joined University and Academy institutions members • Discovery system - Primo
Future development • Raptor statistics • unified top level e-resources usage statistics • usage divided by user groups • overcome providers inability to deliver statistics divided by user groups • overcome missing ebooks statistics support in Ustat
Q & A, contact Jiri Pavlik jpavlik@cesnet.cz http://www.cuni.cz/~pavlik

Empfohlen

The State of Library Management Systems 2016
The State of Library Management Systems 2016The State of Library Management Systems 2016
The State of Library Management Systems 2016
Ellyssa Kroski
 
OSDPA: One Body, Many Heads: Preservation and Access From Project Hydra
OSDPA: One Body, Many Heads: Preservation and Access From Project HydraOSDPA: One Body, Many Heads: Preservation and Access From Project Hydra
OSDPA: One Body, Many Heads: Preservation and Access From Project Hydra
Avalon Media System
 
The Avalon Media System: Open Source Audio and Video Access for Libraries and...
The Avalon Media System: Open Source Audio and Video Access for Libraries and...The Avalon Media System: Open Source Audio and Video Access for Libraries and...
The Avalon Media System: Open Source Audio and Video Access for Libraries and...
Avalon Media System
 
Avalon 2016 Overview
Avalon 2016 OverviewAvalon 2016 Overview
Avalon 2016 Overview
Avalon Media System
 
CNI 2016: Avalon overview
CNI 2016: Avalon overviewCNI 2016: Avalon overview
CNI 2016: Avalon overview
Avalon Media System
 
Avalon 5.0 and Beyond
Avalon 5.0 and BeyondAvalon 5.0 and Beyond
Avalon 5.0 and Beyond
Avalon Media System
 
The Avalon Media System: An Open Source Audio/Video System for Libraries and ...
The Avalon Media System: An Open Source Audio/Video System for Libraries and ...The Avalon Media System: An Open Source Audio/Video System for Libraries and ...
The Avalon Media System: An Open Source Audio/Video System for Libraries and ...
Avalon Media System
 
Crowdsourcing the Maintenance of E-Resource Metadata: How WorldCat Knowledge ...
Crowdsourcing the Maintenance of E-Resource Metadata: How WorldCat Knowledge ...Crowdsourcing the Maintenance of E-Resource Metadata: How WorldCat Knowledge ...
Crowdsourcing the Maintenance of E-Resource Metadata: How WorldCat Knowledge ...
Charleston Conference
 

Empfohlen

The State of Library Management Systems 2016
The State of Library Management Systems 2016The State of Library Management Systems 2016
The State of Library Management Systems 2016
Ellyssa Kroski
 
OSDPA: One Body, Many Heads: Preservation and Access From Project Hydra
OSDPA: One Body, Many Heads: Preservation and Access From Project HydraOSDPA: One Body, Many Heads: Preservation and Access From Project Hydra
OSDPA: One Body, Many Heads: Preservation and Access From Project Hydra
Avalon Media System
 
The Avalon Media System: Open Source Audio and Video Access for Libraries and...
The Avalon Media System: Open Source Audio and Video Access for Libraries and...The Avalon Media System: Open Source Audio and Video Access for Libraries and...
The Avalon Media System: Open Source Audio and Video Access for Libraries and...
Avalon Media System
 
Avalon 2016 Overview
Avalon 2016 OverviewAvalon 2016 Overview
Avalon 2016 Overview
Avalon Media System
 
CNI 2016: Avalon overview
CNI 2016: Avalon overviewCNI 2016: Avalon overview
CNI 2016: Avalon overview
Avalon Media System
 
Avalon 5.0 and Beyond
Avalon 5.0 and BeyondAvalon 5.0 and Beyond
Avalon 5.0 and Beyond
Avalon Media System
 
The Avalon Media System: An Open Source Audio/Video System for Libraries and ...
The Avalon Media System: An Open Source Audio/Video System for Libraries and ...The Avalon Media System: An Open Source Audio/Video System for Libraries and ...
The Avalon Media System: An Open Source Audio/Video System for Libraries and ...
Avalon Media System
 
Crowdsourcing the Maintenance of E-Resource Metadata: How WorldCat Knowledge ...
Crowdsourcing the Maintenance of E-Resource Metadata: How WorldCat Knowledge ...Crowdsourcing the Maintenance of E-Resource Metadata: How WorldCat Knowledge ...
Crowdsourcing the Maintenance of E-Resource Metadata: How WorldCat Knowledge ...
Charleston Conference
 
Avalon Variations webinar dec 2015
Avalon Variations webinar dec 2015Avalon Variations webinar dec 2015
Avalon Variations webinar dec 2015
Avalon Media System
 
Avalon Media System: Implementation and Community
Avalon Media System: Implementation and CommunityAvalon Media System: Implementation and Community
Avalon Media System: Implementation and Community
Avalon Media System
 
Hydra Connect lightening talk Jan14
Hydra Connect lightening talk Jan14Hydra Connect lightening talk Jan14
Hydra Connect lightening talk Jan14
Chris Awre
 
IWMW 2004: Give the Dog a Plone (A6)
IWMW 2004: Give the Dog a Plone (A6)IWMW 2004: Give the Dog a Plone (A6)
IWMW 2004: Give the Dog a Plone (A6)
IWMW
 
Jabes 2008 - Conférence inaugurale, la grande révélation : penser les ressour...
Jabes 2008 - Conférence inaugurale, la grande révélation : penser les ressour...Jabes 2008 - Conférence inaugurale, la grande révélation : penser les ressour...
Jabes 2008 - Conférence inaugurale, la grande révélation : penser les ressour...
ABES
 
Researching Researchers: Avalon's Repository Usage
Researching Researchers: Avalon's Repository UsageResearching Researchers: Avalon's Repository Usage
Researching Researchers: Avalon's Repository Usage
Avalon Media System
 
Today's forecast for your campus: BLUEcloud
Today's forecast for your campus: BLUEcloud Today's forecast for your campus: BLUEcloud
Today's forecast for your campus: BLUEcloud
Sistema de Servicios de Información y Bibliotecas SISIB
 
Walk-in Access to e-Resources at the University of Bath - Lizz Jennings
Walk-in Access to e-Resources at the University of Bath - Lizz JenningsWalk-in Access to e-Resources at the University of Bath - Lizz Jennings
Walk-in Access to e-Resources at the University of Bath - Lizz Jennings
Eduserv
 
Avalon Media System (Open Repositories 2014 poster)
Avalon Media System (Open Repositories 2014 poster)Avalon Media System (Open Repositories 2014 poster)
Avalon Media System (Open Repositories 2014 poster)
Avalon Media System
 
2015 02 19 platforms and discovery
2015 02 19 platforms and discovery2015 02 19 platforms and discovery
2015 02 19 platforms and discovery
Stephen Abram
 
Some DSpace Customisations
Some DSpace CustomisationsSome DSpace Customisations
Some DSpace Customisations
Gavin Henrick
 
Key Information Sets Data
Key Information Sets DataKey Information Sets Data
Key Information Sets Data
IWMW
 
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
National Information Standards Organization (NISO)
 
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
National Information Standards Organization (NISO)
 
Developing for SharePoint Online
Developing for SharePoint OnlineDeveloping for SharePoint Online
Developing for SharePoint Online
Ari Bakker
 
Biodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
Biodiversity Virtual e-Laboratory (BioVeL): Athentication & AuthorisationBiodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
Biodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
Renzo Kottmann
 
ELIXIR Competence Centre in EOSC-hub
ELIXIR Competence Centre in EOSC-hubELIXIR Competence Centre in EOSC-hub
ELIXIR Competence Centre in EOSC-hub
EOSC-hub project
 
Federated authentication at Charles University and news from TERENA 2011 conf...
Federated authentication at Charles University and news from TERENA 2011 conf...Federated authentication at Charles University and news from TERENA 2011 conf...
Federated authentication at Charles University and news from TERENA 2011 conf...
Jiri Pavlik
 
The Hellenic Aggregator
The Hellenic AggregatorThe Hellenic Aggregator
The Hellenic Aggregator
EuropeanaLocal Project
 
Johns smith-3
Johns smith-3Johns smith-3
Johns smith-3
National Information Standards Organization (NISO)
 
Lir glenn wearen
Lir glenn wearenLir glenn wearen
Lir glenn wearen
HEAnet
 
EOSC-Life Workflow Collaboratory
EOSC-Life Workflow CollaboratoryEOSC-Life Workflow Collaboratory
EOSC-Life Workflow Collaboratory
Carole Goble
 

Weitere ähnliche Inhalte

Was ist angesagt?

2015 02 19 platforms and discovery
2015 02 19 platforms and discovery2015 02 19 platforms and discovery
2015 02 19 platforms and discovery
Stephen Abram
 
Developing for SharePoint Online
Developing for SharePoint OnlineDeveloping for SharePoint Online
Developing for SharePoint Online
Ari Bakker
 

Was ist angesagt? (15)

Avalon Variations webinar dec 2015
Avalon Variations webinar dec 2015Avalon Variations webinar dec 2015
Avalon Variations webinar dec 2015
 
Avalon Media System: Implementation and Community
Avalon Media System: Implementation and CommunityAvalon Media System: Implementation and Community
Avalon Media System: Implementation and Community
 
Hydra Connect lightening talk Jan14
Hydra Connect lightening talk Jan14Hydra Connect lightening talk Jan14
Hydra Connect lightening talk Jan14
 
IWMW 2004: Give the Dog a Plone (A6)
IWMW 2004: Give the Dog a Plone (A6)IWMW 2004: Give the Dog a Plone (A6)
IWMW 2004: Give the Dog a Plone (A6)
 
Jabes 2008 - Conférence inaugurale, la grande révélation : penser les ressour...
Jabes 2008 - Conférence inaugurale, la grande révélation : penser les ressour...Jabes 2008 - Conférence inaugurale, la grande révélation : penser les ressour...
Jabes 2008 - Conférence inaugurale, la grande révélation : penser les ressour...
 
Researching Researchers: Avalon's Repository Usage
Researching Researchers: Avalon's Repository UsageResearching Researchers: Avalon's Repository Usage
Researching Researchers: Avalon's Repository Usage
 
Today's forecast for your campus: BLUEcloud
Today's forecast for your campus: BLUEcloud Today's forecast for your campus: BLUEcloud
Today's forecast for your campus: BLUEcloud
 
Walk-in Access to e-Resources at the University of Bath - Lizz Jennings
Walk-in Access to e-Resources at the University of Bath - Lizz JenningsWalk-in Access to e-Resources at the University of Bath - Lizz Jennings
Walk-in Access to e-Resources at the University of Bath - Lizz Jennings
 
Avalon Media System (Open Repositories 2014 poster)
Avalon Media System (Open Repositories 2014 poster)Avalon Media System (Open Repositories 2014 poster)
Avalon Media System (Open Repositories 2014 poster)
 
2015 02 19 platforms and discovery
2015 02 19 platforms and discovery2015 02 19 platforms and discovery
2015 02 19 platforms and discovery
 
Some DSpace Customisations
Some DSpace CustomisationsSome DSpace Customisations
Some DSpace Customisations
 
Key Information Sets Data
Key Information Sets DataKey Information Sets Data
Key Information Sets Data
 
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
 
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
November 19, 2014 NISO Virtual Conference: Can't We All Work Together?: Inter...
 
Developing for SharePoint Online
Developing for SharePoint OnlineDeveloping for SharePoint Online
Developing for SharePoint Online
 

Ähnlich wie Shibboleth SSO - Charles University case study

Lir glenn wearen
Lir glenn wearenLir glenn wearen
Lir glenn wearen
HEAnet
 
Drupal at-embl-ebi gmod
Drupal at-embl-ebi gmodDrupal at-embl-ebi gmod
Drupal at-embl-ebi gmod
josephrossetto
 
Microservices and the Art of Taming the Dependency Hell Monster
Microservices and the Art of Taming the Dependency Hell MonsterMicroservices and the Art of Taming the Dependency Hell Monster
Microservices and the Art of Taming the Dependency Hell Monster
C4Media
 

Ähnlich wie Shibboleth SSO - Charles University case study (20)

Biodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
Biodiversity Virtual e-Laboratory (BioVeL): Athentication & AuthorisationBiodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
Biodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
 
ELIXIR Competence Centre in EOSC-hub
ELIXIR Competence Centre in EOSC-hubELIXIR Competence Centre in EOSC-hub
ELIXIR Competence Centre in EOSC-hub
 
Federated authentication at Charles University and news from TERENA 2011 conf...
Federated authentication at Charles University and news from TERENA 2011 conf...Federated authentication at Charles University and news from TERENA 2011 conf...
Federated authentication at Charles University and news from TERENA 2011 conf...
 
The Hellenic Aggregator
The Hellenic AggregatorThe Hellenic Aggregator
The Hellenic Aggregator
 
Johns smith-3
Johns smith-3Johns smith-3
Johns smith-3
 
Lir glenn wearen
Lir glenn wearenLir glenn wearen
Lir glenn wearen
 
EOSC-Life Workflow Collaboratory
EOSC-Life Workflow CollaboratoryEOSC-Life Workflow Collaboratory
EOSC-Life Workflow Collaboratory
 
Remote xs
Remote xsRemote xs
Remote xs
 
ShibbolethAccess4librarians
ShibbolethAccess4librariansShibbolethAccess4librarians
ShibbolethAccess4librarians
 
IIIF Introduction given in South Africa - 2019
IIIF Introduction given in South Africa - 2019IIIF Introduction given in South Africa - 2019
IIIF Introduction given in South Africa - 2019
 
The ELIXIR UK training portal (TeSS) by Carole Goble
The ELIXIR UK training portal (TeSS) by Carole GobleThe ELIXIR UK training portal (TeSS) by Carole Goble
The ELIXIR UK training portal (TeSS) by Carole Goble
 
ELIXIR TCG update
ELIXIR TCG updateELIXIR TCG update
ELIXIR TCG update
 
LoCloud: overview of LoCloud Services
LoCloud: overview of LoCloud ServicesLoCloud: overview of LoCloud Services
LoCloud: overview of LoCloud Services
 
COPO - Collaborative Open Plant Omics, by Rob Davey
COPO - Collaborative Open Plant Omics, by Rob DaveyCOPO - Collaborative Open Plant Omics, by Rob Davey
COPO - Collaborative Open Plant Omics, by Rob Davey
 
The ABES Discovery Study
The ABES Discovery StudyThe ABES Discovery Study
The ABES Discovery Study
 
Current and emerging trends in library services
Current and emerging trends in library servicesCurrent and emerging trends in library services
Current and emerging trends in library services
 
CLARIN presentation
CLARIN presentationCLARIN presentation
CLARIN presentation
 
NISO REST Training IIIF
NISO REST Training IIIF NISO REST Training IIIF
NISO REST Training IIIF
 
Drupal at-embl-ebi gmod
Drupal at-embl-ebi gmodDrupal at-embl-ebi gmod
Drupal at-embl-ebi gmod
 
Microservices and the Art of Taming the Dependency Hell Monster
Microservices and the Art of Taming the Dependency Hell MonsterMicroservices and the Art of Taming the Dependency Hell Monster
Microservices and the Art of Taming the Dependency Hell Monster
 

Mehr von Jiri Pavlik

Použití identit ve federativním prostředí, příklady el. zdrojů z knih...
Použití identit ve federativním prostředí, příklady el. zdrojů z knih...Použití identit ve federativním prostředí, příklady el. zdrojů z knih...
Použití identit ve federativním prostředí, příklady el. zdrojů z knih...
Jiri Pavlik
 

Mehr von Jiri Pavlik (20)

E-knihy - novinky v nabídce e-knih pro knihovny
E-knihy - novinky v nabídce e-knih pro knihovnyE-knihy - novinky v nabídce e-knih pro knihovny
E-knihy - novinky v nabídce e-knih pro knihovny
 
E-knihy na vysokých školách - Univerzita Karlova
E-knihy na vysokých školách - Univerzita KarlovaE-knihy na vysokých školách - Univerzita Karlova
E-knihy na vysokých školách - Univerzita Karlova
 
Úvod semináře a aktuality k českým e-knihám pro knihovny
Úvod semináře a aktuality k českým e-knihám pro knihovnyÚvod semináře a aktuality k českým e-knihám pro knihovny
Úvod semináře a aktuality k českým e-knihám pro knihovny
 
Úvod semináře a aktuality k českým e-knihám pro knihovny
Úvod semináře a aktuality k českým e-knihám pro knihovnyÚvod semináře a aktuality k českým e-knihám pro knihovny
Úvod semináře a aktuality k českým e-knihám pro knihovny
 
České e-knihy pro knihovny
České e-knihy pro knihovnyČeské e-knihy pro knihovny
České e-knihy pro knihovny
 
Elektronické knihy na UK
Elektronické knihy na UKElektronické knihy na UK
Elektronické knihy na UK
 
Mobilní aplikace
Mobilní aplikaceMobilní aplikace
Mobilní aplikace
 
Elektronické informační zdroje – přístupné všem a odkudkoliv – seminá...
Elektronické informační zdroje – přístupné všem a odkudkoliv – seminá...Elektronické informační zdroje – přístupné všem a odkudkoliv – seminá...
Elektronické informační zdroje – přístupné všem a odkudkoliv – seminá...
 
Použití identit ve federativním prostředí, příklady el. zdrojů z knih...
Použití identit ve federativním prostředí, příklady el. zdrojů z knih...Použití identit ve federativním prostředí, příklady el. zdrojů z knih...
Použití identit ve federativním prostředí, příklady el. zdrojů z knih...
 
Úvod, Open Access e-knihy
Úvod, Open Access e-knihyÚvod, Open Access e-knihy
Úvod, Open Access e-knihy
 
Nastavení federativní autentizace u elektronických informačních zdrojů
Nastavení federativní autentizace u elektronických informačních zdrojůNastavení federativní autentizace u elektronických informačních zdrojů
Nastavení federativní autentizace u elektronických informačních zdrojů
 
Nabídka služeb Ústřední knihovny Univerzity Karlovy
Nabídka služeb Ústřední knihovny Univerzity Karlovy Nabídka služeb Ústřední knihovny Univerzity Karlovy
Nabídka služeb Ústřední knihovny Univerzity Karlovy
 
Moderní autentizační metody Shibboleth a EZproxy
Moderní autentizační metody Shibboleth a EZproxyModerní autentizační metody Shibboleth a EZproxy
Moderní autentizační metody Shibboleth a EZproxy
 
Úvod semináře
Úvod semináře Úvod semináře
Úvod semináře
 
Knihovní aplikace na čtečkách s Android, jednotné přihlašování a on-...
Knihovní aplikace na čtečkách s Android, jednotné přihlašování a on-...Knihovní aplikace na čtečkách s Android, jednotné přihlašování a on-...
Knihovní aplikace na čtečkách s Android, jednotné přihlašování a on-...
 
Úvod,Open-Access a Public Domain české e- knihy pro knihovny
Úvod,Open-Access a Public Domain české e- knihy pro knihovnyÚvod,Open-Access a Public Domain české e- knihy pro knihovny
Úvod,Open-Access a Public Domain české e- knihy pro knihovny
 
České e-knihy pro knihovny - přehled nabídky, příležitosti díky novi...
České e-knihy pro knihovny - přehled nabídky, příležitosti díky novi...České e-knihy pro knihovny - přehled nabídky, příležitosti díky novi...
České e-knihy pro knihovny - přehled nabídky, příležitosti díky novi...
 
Moderní autentizační metody Shibboleth a EZproxy s následným workshopem
Moderní autentizační metody Shibboleth a EZproxy s následným workshopemModerní autentizační metody Shibboleth a EZproxy s následným workshopem
Moderní autentizační metody Shibboleth a EZproxy s následným workshopem
 
E-knihy pro knihovny na Plzeňsku
E-knihy pro knihovny na PlzeňskuE-knihy pro knihovny na Plzeňsku
E-knihy pro knihovny na Plzeňsku
 
Dostupné platformy s nabídkou e-knih v češtině pro odborné české knihovny
Dostupné platformy s nabídkou e-knih v češtině pro odborné české knihovnyDostupné platformy s nabídkou e-knih v češtině pro odborné české knihovny
Dostupné platformy s nabídkou e-knih v češtině pro odborné české knihovny
 

Kürzlich hochgeladen

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Kürzlich hochgeladen (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 

Shibboleth SSO - Charles University case study

  • 1. Shibboleth SSO - Charles University case study Jiri Pavlik CESNET / Charles University Computer Centre Haifa University, September 11th 2011
  • 2. Agenda • Vision, goal, project • Implementation - SFX, MetaLib, Aleph, DigiTool • Sharing resources, future development
  • 4. Goal, vision • All library systems & electronic resources working in Single-Sign-On environment • Plan presented at IGeLU 2010 conference workshop in Ghent
  • 5. Charles University in Prague context • 17 faculties, 3 institutes, hundreds of departments • 2 institutes jointly run with Czech Academy of Sciences • ~ 60 000 students and staff
  • 6. Charles University in Prague context • SFX, bX, MetaLib, Aleph, DigiTool,Verde • EZproxy, E-resources Portal • ~150 subscribed electronic on-line resources, databases, ~65000 ejournals, ~51000 ebooks
  • 7. Charles University in Prague context • decentralized subscription policy - not all resources are subscribed for all students and stuff
  • 8. Charles University in Prague context • AAI: central LDAP, Shibboleth IdP • CESNET member • Czech Academic Identity Federation eduID.cz member • involved in national and international projects
  • 9. Project • reach the goal - SSO • CESNET funded • case-study • guides • finish summer 2011
  • 10. Project • SFX, MetaLib, Aleph, DigiTool • E-resources Portal • EZproxy • CMS - Document Globe • Streaming & Podcast servers
  • 11. SFX • Shibboleth authentication is not supported, IP address based authentication only • Shibboleth WAYFless linking is supported
  • 12. SFX • authentication method switched from IP address based to Shibboleth • EZproxy configured as a proxy • PROXY institution defined with IP address range 0.0.0.0 - 255.255.255.255 • institutions kept, but IP address ranges deleted • PROXY institution added to all targets and activated
  • 13. SFX • WAYFless linking set up for all resources supporting Shibboleth authentication • (EZ)proxy linking set up for all resources without native Shibboleth authentication support • Implemented by Michael Zach & Jiri Pavlik
  • 14. MetaLib • Shibboleth authentication is supported in PDS authentication module • multiple users affiliations are not supported in authorization
  • 15. MetaLib • Shibboleth Service Provider installed & registered in eduID.cz federation • authentication method at PDS switched from LDAP to Shibboleth • set up WAYF skipping in SP configuration • authorization mapping tuned in MetaLib configuration, based on eduPersonEntitlement attribute values
  • 16. MetaLib • CAS admin preferred primary affiliation functionality developed • Implemented by Martin Ledinsky & Jan Krajic & Michal Vocu & Jiri Pavlik
  • 17.
  • 18.
  • 19.
  • 20. Aleph • Shibboleth authentication is supported in PDS authentication module • no authorization need
  • 21. Aleph • Shibboleth Service Provider installed & registered in eduID.cz federation • authentication method at PDS switched from LDAP, Aleph to Shibboleth • Aleph authentication kept for ILL users • set up WAYF skipping in SP configuration
  • 22. Aleph • Implemented by Jaro Sivak & Jan Krajic & Jiri Pavlik
  • 23.
  • 24. DigiTool • Shibboleth authentication is supported in PDS authentication module • multiple users affiliations are supported in authorization
  • 25. DigiTool • Shibboleth Service Provider installed & registered in eduID.cz federation • authentication method at PDS switched from LDAP, DigiTool to Shibboleth • separate IdP started for registered external users authentication - no anonymous access to diploma works
  • 26. DigiTool • authorization mapping tuned in DigiTool configuration, based on eduPersonEntitlement attribute values • federated authentication set up • own WAYF, eduID.cz members and the external users IdPs are listed • Implemented by Andrea Fojtu & Jan Krajic & Michal Vocu & Jiri Pavlik
  • 27.
  • 28.
  • 29. EZproxy • configured as a proxy pro SFX • set up authentication skipping for access from appropriate University IP address ranges • configurations for resources with native Shibboleth support kept as a backup access • Implemented by Petr Novak & Jiri Pavlik
  • 30. Sharing resources • guides available at eduID.cz Wiki • http://www.eduid.cz/wiki/eduid/admins/howto/deploy/index#knihovni_systemy • using by: Masaryk University in Brno, Czech Academy of Sciences Library, National Technical Library, Moravian Library, Czech National Library, Tomas Bata University in Zlin, ... • kept updated
  • 31. Sharing resources • presentations & consultations • test account • English translation, EL Commons? • special thanks to Ere Maijala and Ex Libris
  • 32. Future development • SFX - Shibboleth authentication support for menu, AZ, statistics, ... • NERS Enhancement Request in current ballot - Institutes: add Shibboleth authentication
  • 33. Future development • MetaLib - authorization supporting users multiple affiliations • Support Incident • MetaLib, Aleph, DigiTool - Single Logout • DigiTool - international authentication: eduGAIN, InCommon federation, ...
  • 34. Future development • Academy of Sciences logins for the 2 joined University and Academy institutions members • Discovery system - Primo
  • 35. Future development • Raptor statistics • unified top level e-resources usage statistics • usage divided by user groups • overcome providers inability to deliver statistics divided by user groups • overcome missing ebooks statistics support in Ustat
  • 36. Q & A, contact Jiri Pavlik jpavlik@cesnet.cz http://www.cuni.cz/~pavlik