1 Wolfgang Lierz Staff IT-Services / Network & Security Admin ETH-Bibliothek Zurich Integration Primo-Aleph-PDS-SSO-AAI Wolfgang Lierz / IGeLU 2012 Zurich.

Presentation transcript:

1 Integration of Aleph/Primo with PDS into larger Shibboleth/SSO environments
Wolfgang Lierz, Staff IT-Services / Network & Security Admin, ETH-Bibliothek Zurich
Integration Primo-Aleph-PDS-SSO-AAI
Wolfgang Lierz / IGeLU 2012 Zurich

2 Why Single Sign-On anyway?
We have alternatives:
- Post-It around display
- Post-It below keyboard
- Browser password store
- KeePass password store
- Cloud password store
- Facebook login

3 Authentication and Authorization Infrastructure
Without AAI-SSO / With AAI-SSO
First ideas and workshop; Project study and pilot; Implementation

4 AAI in Switzerland

5 Authentication with nethz
Authentication «Who am I» «nethz» database «nethz-login» HR / Students Administration ETH Zurich members Active Directory LDAP RADIUS AAI (Shibboleth) Windows Exchange Sharepoint e-pics WLAN eduroam VPN e-collection. Proxy SMS Authorization «What may I do» «Same Sign On» «Single Sign On»

6 Aleph in Switzerland
ExLibris Aleph v20 (only NEBIS with PDS) 5 Systems Shared User File (SUF) accounts Integration UZH into NEBIS 2013 (INUIT) accounts 200 libraries

7 AAI-SSO for ETHZ staff and students
Goals within current NEBIS/Aleph operation:
- eliminate separate individual user registration / activation process at library
- enable nethz-userid for ETHZ staff and students
- use nethz-attributes of ALL staff and students by Aleph and discontinue separate user management

8 Aleph with nethz / PLIF nightly Aleph (Application) Aleph (Database) nethz SAP nethz AAI Indices PDS (login) Batch / Copy on request User / Copy at Login (at least daily) Batch / triggered by changes

9 2012: AAI-SSO for ETH members
Authentication via «native» Aleph login (may disappear 2013)
Authentication via «nethz-login» (AAI-SSO) (more selections 2013)
Intermediate (PDS) Login page from September 2012
Embedded WAYF

10 2013: AAI-SSO for private customers
(SSL connection) Private customers DB - Attributes from Aleph - Passwords only here New separate Private Customers IDP (at ETHZ) NEBIS/Aleph EAD00 Aleph (Oracle DB) Private customers Indices (Aleph) AAI IDP (operated by Switch) aai-login.libraries.ch PDS (login) with Shibboleth EAD50 ZAD50 UZH50 AAI IDP (at ETHZ) aai-login.ethz.ch (via nethz) WAYF Re(set) password password.libraries.ch (New) registration register.libraries.ch Initial Password other AAI IDPs INUIT future PIN-VHO E-Lending Primo FE e-shelf NEBIS Form for registration

11 Future: ID management outside Ex Libris
Private customers DB - Attributes now HERE - Passwords only here Swiss-wide Private Customers IDP Alma ? AAI IDP (operated by Switch) aai-login.libraries.ch PDS as a separate service WITH attribute retrieval AAI IDP (at ETHZ) aai-login.ethz.ch (via nethz) WAYF Re(set) password password.libraries.ch (New) registration register.libraries.ch other AAI IDPs Primo FE e-shelf Interface to external Identity Management E-Lending and others

12 Further reading
For many more details, see our report "Single Sign On für e-lib.ch und sein Webportal" (in German, 2012, 61 p.): e-collection.library.ethz.ch/view/eth:5453

13 Credits
Thanks to:
- SSO project team of ETH-Bibliothek
- ITS IT-Services of ETH-Bibliothek
- ICT services of ETH Zurich
- SWITCH AAI team
- ELCA Informatik AG, Zürich

14 Questions?
Thank you!
SFX with PDS-SSO-AAI?

15 DEMO