Welcome to the 20th Anniversary of the IUG

Slides:

Advertisements

Similar presentations

EBSCOadmin Authentication

Advertisements

Open-source Single Sign-On with CAS (Central Authentication Service) Pascal Aubry, Vincent Mathieu & Julien Marchal Copyright © 2004 – ESUP-Portail consortium.

EVERY CONNECTION has a starting point. EVERY CONNECTION has a starting point. WorldCat Navigator - Authentication Library Hosted Navigator EZproxy and.

LIBRARY SERVICES WebPAC usage metrics AIUG 2010 Lightning Sessions Kurt Vollmerhause Millennium Coordinator.

Welcome to Middleware Joseph Amrithraj

Central Authentication Service Roadmap JA-SIG Winter 2004.

Office 365 Identity June 2013 Microsoft Office365 4/2/2017

PDS User Management DigiTool Version 3.0. User Management 2 PDS Overview PDS Setup Single Sign On Agenda.

EVERY CONNECTION has a starting point. NetLibrary eAudiobooks An Overview for Washington State Libraries Nathan Downing Field Implementation Specialist.

Building the Future: Millennium’s Relationship with Campus Systems and Services John Culshaw Faculty Director for Systems University of Colorado at Boulder.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.

Confidential Date Project ONE CLICK : 12/26/2006 Oracle Single Sign-On Sridhar Gangapuram Manager, Oracle Applications (Phoenix) Roger Raj Sr. Technical.

Blackboard Building Blocks Authentication Overview Tuesday, June 30, 2015 Tom Joyce, Product Manager, Platform Architecture & Database.

Remote User Authentication. Module Objectives By the end of this module participants will be able to: Describe the methods available for authenticating.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

Understanding Active Directory

HalFILE 3.0 Active Directory Integration. halFILE 3.0 AD – What is it? Centralized organization of network objects and security – servers, computers,

Support.ebsco.com EBSCO Discovery Service Statistics Explained Tutorial.

03/07/08 © 2008 DSR and LDAP Authentication Avocent Technical Support.

August 25, SSO with Microsoft Active Directory Presented by: Craig Larrabee.

RUG Australia meeting 2012 Feb 6, V Tiers & sequencing suppliers Tiers and sequencing and load balancing  Tiers = groups of suppliers.

The Library Innopac and Portal Integration Tracey Stanley, University of Leeds.

Conference Overview. PASSWORDS You can set your password policy to enforce users to change their passwords periodically.

FIspace SPT Seyhun Futaci. Technology behind FIspace Authentication and Authorization IDM service of Fispace provides SSO solution for web apps, mobile.

PAPI Points of Access to Providers of Information.

Estonian overview Anneli Sepp Database Manager of ELNET Consortium.

SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005.

TWSd - Security Workshop Part I of III T302 Tuesday, 4/20/2010 TWS Distributed & Mainframe User Education April 18-21, 2010  Carefree Resort  Carefree,

authenticated networked guided environment for learning - secure integration of learning environments with digital libraries - Current.

Shibboleth 2.0 IdP Training: Authentication January, 2009.

CAS Lightning Talk Jasig-Sakai 2012 Tuesday June 12th 2012 Atlanta, GA Andrew Petro - Unicon, Inc.

Where Google Style Searching Meets Library Land WILIUG June 20, 2008 Heidi Bruss, Metropolitan Library System Peter Zeimet, Innovative Interfaces.

Arkansas-IUG Conference December 2009 Tim Whisenant, Customer Sales Consultant.

Campus Experience: Pubcookie University of Alabama at Birmingham Academic Computing Zach Garner.

WebPAC Pro: From RightResult to Community Reviews & what’s coming in Release 2007! Dinah Sanders, Product Manager.

PAPI: Simple and Ubiquitous Access to Internet Information Services JISC/CNI Conference - Edinburgh, 27 June 2002.

February, TRANSCEND SHIRO-CAS INTEGRATION ANALYSIS.

Caitlin Spears, Library Training Consultant Electronic Resource Management: Soup to Nuts April , 2008.

CERN IT Department CH-1211 Genève 23 Switzerland t Single Sign On, Identity and Access management at CERN Alex Lossent Emmanuel Ormancey,

Introduction to Terra Dotta Applications Integration with Campus Data Systems for institutions beginning their software implementation.

OpenID Connect Working Group May 10, 2016 Mike Jones Identity Standards Architect – Microsoft.

Business Objects XIr2 Windows NT Authentication Single Sign-on 18 August 2006.

ADFS - Does it Still have a Place? Fitting into the EMS puzzle Frank C. Drewes III 2016 Redmond Summit | Identity.

2016 Annual Redrock Conference Record Connect Report Success 25 Years of Success Strategies for Your Campus Technical Information and Custom Configurations.

Office of Information Technology GT Identity and Access Management JA-SIG CAS project (introducing login.gatech.edu) April 29th,

Contents Software components All users in one location:

Using JSTOR May 2016.

CollegeSource Security Application &

Experiences to Date Faculty of Engineering April 2017

Single Sign-On Led by Terrice McClain, Jen Paulin, & Leighton Wingerd

Federation made simple

Information Security Professionals

Shibboleth Integration Fairfield University

CAS and Web Single Sign-on at UConn

New features and customization options

Prime Service Catalog 12.0 SAML 2.0 Single Sign-On Support

Third Party Applications: EZproxy

Radius, LDAP, Radius used in Authenticating Users

Common Security Mistakes

Shibboleth Implementation in EZproxy

Cloud Connect Seamlessly

Communication and Information Resource Centre Administrator

Important skills for Computer Based Researching

APACHE WEB SERVER.

敦群數位科技有限公司(vanGene Digital Inc.) 游家德(Jade Yu.)

In-house Developed Library Solutions

Adding institution support in SFX for Shibboleth SSO

Presentation transcript:

Welcome to the 20th Anniversary of the IUG

Rick Paladino – Director, Installation Services Authenticating Users: SSO, LDAP, and Millennium Integrated Patron Login Rick Paladino – Director, Installation Services

SSO: What is Single Sign-On? Users authenticate once per session Log into first server visited Next servers already authorized Enhanced user experience Integrate servers into campus* computing environment

SSO: How It Works User begins session on “participating” server Authenticate against central server Use campus-wide credentials Central login page Auth server creates “session” User “logged in” to all servers

Diagram of SSO Encore SSO Campus other Patron

SSO: Interested in Single Sign-On? Existing SSO initiative Millennium becomes participating server Apache-compatible SSO module CAS Pubcookie Shibboleth Existing SSO initiative 1. III doesn’t help launch SSO for entire institution 2. Becomes another participating member of SSO

SSO: Implementing Single Sign-On Provide SSO module New Millennium SSO server becomes “catalog” DNS change for Millennium server REMOTE_USER and indexed field Still use Millennium patron records Patron load table Re-indexing included

SSO: New Server Becomes “catalog” New Single Sign On web server Change DNS entry for Millennium server Community borrowers access Millennium

SSO: Single Sign-On Recap Central Authentication Server Single Sign-On application Log in using campus-wide credentials Authenticate once per session Integrate existing SSO module into Apache Introduce new Millennium catalog SSO server Enhanced user experience

LDAP: External Patron Verification Log in using campus-wide credentials Authenticate against central server Integrate Library into campus* computing environment

LDAP: Implementing LDAP Existing LDAP server Connection information IP address Bind and search Access account Indexed field Still use Millennium patron records

LDAP: New Login Page

LDAP: External Patron Verification Recap Log in using campus-wide credentials Provide connection information Millennium as LDAP client Still use Millennium patron records Enhanced user experience

SSO and LDAP: Similarities Login using campus credentials Require existing initiatives Provide access to Millennium patron records Support for community borrowers Integrate library into campus computing environment

Authenticating Users: Thinking of SSO? SSO is more evolved More features New server for library Library provides SSO application Big initiative for your institution Are you ready?

Authenticating Users: LDAP may be the First Step Easy to implement User directory already in place Broad support Any LDAP v3 target Microsoft AD No new servers Millennium server is client

IPSSO: Millennium Integrated Patron Login Mini-SSO for Innovative applications WebPAC Encore Research Pro Users authenticate once per session CAS-based application

Integrated Patron Login: Without IPSSO

Integrated Patron Login: Using IPSSO

Millennium Integrated Patron Login Required for Encore and Research Pro Default login for New Libraries Optional login for WebPAC for Existing Libraries New login page

IPSSO: HTML-based form New with 2009B 1.1 Easier customization Support for Airpac for Smartphones Request installation on CSDirect Migration from XML-based form New IPSSO with WebPAC Innovative customizes form upon installation

IPSSO: HTML-based form

IPSSO: Mobile version HTML-based form

Integrated Login: IPSSO with SSO and LDAP SSO login Central Single Sign-On page SSO supersedes IPSSO Use campus credentials to log in once User logged into WebPAC, Encore, RPRO, plus all those others… LDAP login LDAP IPSSO login page Use campus credentials to log in User logged into WebPAC, Encore, RPRO

Integrated Patron Sign-On: IPSSO Recap Mini-SSO for Innovative Applications Native authentication for Encore and Research Pro Full integration with WebPAC Support for LDAP authentication HTML-based form with mobile stylesheet

Thank You!