Self-registration of non-institute patron identifiers in Aleph
Agenda Aleph identifiers and aliases Touchstone: two Identity Providers Aleph’s handling of regular patrons Collaboration Accounts Management System Aleph’s handling of CAMS patrons The primary problem and its solution Staff Training 2014 Page 2
Glossary of terms CAMS: Collaboration Accounts Management System. Aleph ID: A number that identifies a patron in Aleph. Alias: A synonym for an aleph id. API: Application Programming Interface. X-server: An Aleph API. Staff Training 2014 Page 3
Glossary of terms Shibboleth:Federated ID management software. Touchstone: MIT’s branding of Shibboleth. IdP: Identity Provider (Shibboleth) SP: Service Provider (Shibboleth) Staff Training 2014 Page 4
Identifiers and Aliases in Aleph What are they? How does Aleph use them? Staff Training 2014 Page 5
Aleph identifiers – Z308 Z308_REC_KEY Z308_ID Staff Training 2014 Page 6
Touchstone review Temporary redirect to the login page Identifier returned to the application User redirected back to original target Staff Training 2014 Page 7
Production IdP (Kerberos accounts) idp.mit.edu Collaboration Accounts Management System IdP (CAMS) idp.touchstonenetwork.net Aleph Touchstone
Production IdP (Kerberos accounts) idp.mit.edu Aleph Touchstone Your Account
Points to remember about regular patron handling Everybody is a number in Aleph. Aleph uses aliases for alternate ways of identifying a patron. Aliases must be explicitly defined before use, and require two pieces of information: the alias character string, the corresponding aleph id number. Since Kerberos ids are predictable, the loader scripts set up all required aliases for patrons who have a Kerberos id. Staff Training 2014 Page 10
CAMS review CAMS IdP 1. Open to the world for self-registration 2. No privileges attached 3. Id must be a valid address, but NOT one with ‘mit.edu’ domain 4. Identifier returned from authentication is NOT predictable. Staff Training 2014 Page 11
New manually-registered patron Circ staff member 1. creates the patron’s new Aleph id 2. creates a library card with a barcode 3. adds the barcode to the Aleph record as an alias 4. presents the library card to the patron Staff Training 2014 Page 12
Aleph identifiers – Z308 Non-institute patron’s aliases when the card is issued. Z308_REC_KEY Z308_ID Staff Training 2014 Page 13
Collaboration Accounts Management System IdP (CAMS) idp.touchstonenetwork.net Aleph Touchstone Your Account
Solving the alias problem A tale of two scripts: 1. alcams1.cgi 2. alcams2.cgi Staff Training 2014 Page 15
Overview of the process If the patron requests access to Your Account, two operations accomplish the task. 1. Circ staff runs the alcams1.cgi script from a form, which constructs a magic URL and s it to the patron. form Staff Training 2014 Page 16
Details of alcams2.cgi - 1 At a convenient time and place the patron registers his or her Shibboleth (CAMS) identifier by clicking the magic URL that was sent from alcams1. Example of a magic URL: Staff Training 2014 Page 17
Aleph identifiers – Z308 Z308_REC_KEY Z308_ID Staff Training 2014 Page 18
Details of alcams2.cgi - 2 Alcams2.cgi combines four things: 1. Access to patron’s CAMS identifier. 2. Access to the patron’s Aleph id. 3. Writeable access to Aleph for updating z308 table. 4. Convenience and privacy for the patron. Staff Training 2014 Page 19
Experiment CAMS identifiers can be created and used with regular Aleph patron accounts. Try the CAMS experience yourself 1. Ask the circ staff to generate the instructional for your Aleph id. 2. Follow the steps in the and experience what non- institute patrons experience. 3. Tell me about any difficulties. Staff Training 2014 Page 20
Useful links Creating a Collaboration account: oration+Account oration+Account Touchstone at MIT: Staff Training 2014 Page 21
Finis Staff Training 2014 Page 22 Rich Wenger Phone