Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Wolfgang Lierz Staff IT-Services / Network & Security Admin ETH-Bibliothek Zurich Integration Primo-Aleph-PDS-SSO- AAI Wolfgang Lierz / IGeLU 2012 Zurich.

Published byLydia Bingley Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Wolfgang Lierz Staff IT-Services / Network & Security Admin ETH-Bibliothek Zurich Integration Primo-Aleph-PDS-SSO- AAI Wolfgang Lierz / IGeLU 2012 Zurich."— Presentation transcript:

1 1 Wolfgang Lierz Staff IT-Services / Network & Security Admin ETH-Bibliothek Zurich Integration Primo-Aleph-PDS-SSO- AAI Wolfgang Lierz / IGeLU 2012 Zurich Integration of Aleph/Primo with PDS into larger Shibboleth/SSO environments

2 2 Integration Primo-Aleph-PDS-SSO-AAI Why Single Sign-On anyway? Wolfgang Lierz / IGeLU 2012 Zurich We have alternatives: -Post-It around display -Post-It below keyboard -Browser password store -KeePass password store -Cloud password store -Facebook login

3 3 Integration Primo-Aleph-PDS-SSO-AAI Authentication and Authorization Infrastructure Wolfgang Lierz / IGeLU 2012 Zurich Without AAI-SSOWith AAI- SSO 1999-2000 First ideas and workshop 2001-2003 Project study and pilot 2004-2005 Implementation

4 4 Integration Primo-Aleph-PDS-SSO-AAI AAI in Switzerland Wolfgang Lierz / IGeLU 2012 Zurich

5 5 Integration Primo-Aleph-PDS-SSO-AAI Authentication with nethz Wolfgang Lierz / IGeLU 2012 Zurich Authentication «Who am I » «nethz» database «nethz-login» HR / Students Administration ETH Zurich members Active Directory LDAP RADIU S AAI (Shibboleth ) Windows Exchange Sharepoint e-pics WLAN eduroam VPN e-collection. Proxy SMS Authorization «What may I do » «Same Sign On » «Single Sign On »

6 6 Integration Primo-Aleph-PDS-SSO-AAI Aleph in Switzerland Wolfgang Lierz / IGeLU 2012 Zurich ExLibris Aleph v20 (only NEBIS with PDS) 5 Systems Shared User File (SUF) 700000 accounts Integration UZH into NEBIS 2013 (INUIT) 200000 accounts 200 libraries

7 7 Goals within current NEBIS/Aleph operation: -eliminate separate individual user registration / activation process at library -enable nethz-userid for ETHZ staff and students -use nethz-attributes of ALL staff and students by Aleph and discontinue separate user management Integration Primo-Aleph-PDS-SSO-AAI AAI-SSO for ETHZ staff and students Wolfgang Lierz / IGeLU 2012 Zurich

8 8 Integration Primo-Aleph-PDS-SSO-AAI Aleph with nethz / PLIF nightly Aleph (Application) Aleph (Database) nethz SAP nethz AAI Indices PDS (login) Batch / Copy on request User / Copy at Login (at least daily) Batch / triggered by changes Wolfgang Lierz / IGeLU 2012 Zurich

9 9 Integration Primo-Aleph-PDS-SSO-AAI 2012: AAI-SSO for ETH members Wolfgang Lierz / IGeLU 2012 Zurich Authentication via «native» Aleph login (may disappear 2013) Authentication via «nethz-login» (AAI-SSO) (more selections 2013) Intermediate (PDS) Login page from September 2012 Embedded WAYF

10 10 (SSL connection) Private customers DB - Attributes from Aleph - Passwords only here New separate Private Customers IDP (at ETHZ) NEBIS/Aleph EAD00 Aleph (Oracle DB) Private customers Indices (Aleph) AAI IDP (operated by Switch) aai-login.libraries.ch PDS (login) with Shibboleth Integration Primo-Aleph-PDS-SSO-AAI 2013: AAI-SSO for private customers EAD50ZAD50UZH50 AAI IDP (at ETHZ) aai-login.ethz.ch (via nethz) WAYF Re(set) password password.libraries. ch (New) registration register.libraries.ch Initial Password other AAI IDPs INUIT future PIN-VHO E-Lending Primo FE 1...4 e-shelf NEBIS Form for registration Wolfgang Lierz / IGeLU 2012 Zurich

11 11 Private customers DB - Attributes now HERE - Passwords only here Swiss-wide Private Customers IDP Alma ? AAI IDP (operated by Switch) aai-login.libraries.ch PDS as a separate service WITH attribute retrieval Integration Primo-Aleph-PDS-SSO-AAI Future: ID management outside Ex Libris AAI IDP (at ETHZ) aai-login.ethz.ch (via nethz) WAYF Re(set) password password.libraries. ch (New) registration register.libraries.ch other AAI IDPs Primo FE 1...4 e-shelf Wolfgang Lierz / IGeLU 2012 Zurich Interface to external Identity Management E-Lending and others

12 12 For much more details see our report Single Sign On für e-lib.ch und sein Webportal (in German, 2012, 61 p.) e-collection.library.ethz.ch/view/eth:5453 Integration Primo-Aleph-PDS-SSO-AAI Further reading Wolfgang Lierz / IGeLU 2012 Zurich

13 13 Thanks to: -SSO project team of ETH-Bibliothek -ITS IT-Services of ETH-Bibliothek -ICT services of ETH Zurich -SWITCH AAI team -ELCA Informatik AG, Zürich Integration Primo-Aleph-PDS-SSO-AAI Credits Wolfgang Lierz / IGeLU 2012 Zurich

14 14 Thank you! wolfgang.lierz@library.ethz.ch Integration Primo-Aleph-PDS-SSO-AAI Questions ? Wolfgang Lierz / IGeLU 2012 Zurich SFX with PDS-SSO-AAI ?

15 15 Wolfgang Lierz / IGeLU 2012 Zurich DEMO http://www.switch.ch/aai/demo/

Download ppt "1 Wolfgang Lierz Staff IT-Services / Network & Security Admin ETH-Bibliothek Zurich Integration Primo-Aleph-PDS-SSO- AAI Wolfgang Lierz / IGeLU 2012 Zurich."

Similar presentations

Shibboleth and UKAMF-FEAR not as scary as it sounds! Rhys Smith Cardiff University.

Shibboleth and UKAMF-FEAR not as scary as it sounds! Rhys Smith Cardiff University.
Federated Access implementation: experience of AUCA Library - Kyrgyzstan 4 th -7 th June, 2008, Aberdeen, Scotland Sania Battalova, EIFL Country and FOSS.

Federated Access implementation: experience of AUCA Library - Kyrgyzstan 4 th -7 th June, 2008, Aberdeen, Scotland Sania Battalova, EIFL Country and FOSS.
Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
Shibbolising UK Census and ESDS services Lucy Bell Associate Director, Head of Information Systems and Preservation, UKDA 26 May 2005.

Shibbolising UK Census and ESDS services Lucy Bell Associate Director, Head of Information Systems and Preservation, UKDA 26 May 2005.
AAI for Apps Using AAI with your Smartphone Daniel Latzer Zürich, April 2013

AAI for Apps Using AAI with your Smartphone Daniel Latzer Zürich, April 2013
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
WP8 Security and Privacy Identity Management 15. November 2012 Wolfgang Steigerwald (DT) Robert Seidl (NSN)

WP8 Security and Privacy Identity Management 15. November 2012 Wolfgang Steigerwald (DT) Robert Seidl (NSN)
PDS User Management DigiTool Version 3.0. User Management 2 PDS Overview PDS Setup Single Sign On Agenda.

PDS User Management DigiTool Version 3.0. User Management 2 PDS Overview PDS Setup Single Sign On Agenda.
Dispatcher Conditional Expression Static Request Filter Attribute Filter Portal 1 1 2 2 4 4 3,6 5 5 7 7 8 8 9 9 1010 1010 DNS Hello User Sample (Gateway)

Dispatcher Conditional Expression Static Request Filter Attribute Filter Portal , DNS Hello User Sample (Gateway)
FSU Directory Project The Issue of Identity Management Jeff Bauer Florida State University

FSU Directory Project The Issue of Identity Management Jeff Bauer Florida State University
JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.

JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (http://www.ag-nbi.de)http://www.ag-nbi.de.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo

Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo
Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, 2004. This work is the intellectual property of the.

Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, This work is the intellectual property of the.
Requirements of a public and university Library for authentication and authorization infrastructures Wolfgang Lierz ETH-Bibliothek Head IT Services.

Requirements of a public and university Library for authentication and authorization infrastructures Wolfgang Lierz ETH-Bibliothek Head IT Services.
Federated Shibboleth, OpenID, oAuth, and Multifactor | 1 Federated Shibboleth, OpenID, oAuth, and Multifactor Russell Beall Senior Programmer/Analyst University.

Federated Shibboleth, OpenID, oAuth, and Multifactor | 1 Federated Shibboleth, OpenID, oAuth, and Multifactor Russell Beall Senior Programmer/Analyst University.
LDAP Management at Stony Brook Making Active Directory and PeopleSoft Work Together SUNY Technology Conference Rochester, New York Monday June 12, 2006.

LDAP Management at Stony Brook Making Active Directory and PeopleSoft Work Together SUNY Technology Conference Rochester, New York Monday June 12, 2006.
The Integration of two large Aleph Library Systems Andreas Kirstein Head Media and IT Services ETH-Bibliothek Head NEBIS Network.

The Integration of two large Aleph Library Systems Andreas Kirstein Head Media and IT Services ETH-Bibliothek Head NEBIS Network.

Similar presentations

Ads by Google