Integration of Aleph/Primo with PDS into larger Shibboleth

Integration Primo-Aleph-PDS-SSO-AAI
Wolfgang Lierz
Staff IT-Services / Network & Security Admin
ETH-Bibliothek Zurich
Integration of Aleph/Primo with PDS into larger Shibboleth/SSO environments
Wolfgang Lierz / IGeLU 2012 Zurich
Why Single Sign-On anyway?
We have alternatives:
Post-It around display
Post-It below keyboard
Browser password store
KeePass password store
Cloud password store
Facebook login
Authentication and Authorization Infrastructure
Without AAI-SSO
With AAI-SSO
• 1999-2000 First ideas and workshop
• 2001-2003 Project study and pilot
• 2004-2005 Implementation
AAI in Switzerland
Authentication with nethz
HR / Students
Administration
ETH Zurich
members
«nethz» database
«nethz-login»
Authentication
«Who am I»
Active Directory
Authorization
«What may I do»
Windows
Exchange
Sharepoint
LDAP
RADIUS
AAI (Shibboleth)
e-pics
WLAN
eduroam
VPN
e-collection.
Proxy
SMS
«Same Sign On»
«Single Sign On»
Aleph in Switzerland
• ExLibris Aleph v20 (only NEBIS with PDS)
• 5 Systems
• Shared User File (SUF)
700000 accounts
• Integration UZH into NEBIS 2013 (INUIT)
200000 accounts
200 libraries
AAI-SSO for ETHZ staff and students
Goals within current NEBIS/Aleph operation:
- eliminate separate individual user registration / activation process at library
- enable nethz-userid for ETHZ staff and students
- use nethz-attributes of ALL staff and students by Aleph and discontinue separate user management
Aleph with nethz / PLIF
Alternatives A2+A3 unfortunately impossible with Aleph
SAP
nightly
A3 Batch / Copy on request
AAI
A2
nethz
User / Copy at
Login
PLIF
nethz
(at least daily)
PDS (login)
Aleph
(Application)
Indices
A4 Batch / triggered by changes
Aleph
(Database)
Shibboleth UniqueID as additional Aleph ID #20
2012: AAI-SSO for ETH members
Intermediate (PDS) Login page from September 2012
Authentication via «native» Aleph login (may disappear 2013)
Embedded WAYF
Authentication via «nethz-login» (AAI-SSO) (more selections 2013)
2013: AAI-SSO for private customers
E-Lending
PIN-VHO
Primo FE 1...4
e-shelf
PDS (login)
with Shibboleth
NEBIS/Aleph
EAD00
EAD50
ZAD50
Indices (Aleph)
UZH50
WAYF
other AAI IDPs
Private customers
(via nethz)
AAI IDP (operated by Switch)
aai-login.libraries.ch
(SSL connection)
NEBIS Form for registration
(New) registration
register.libraries.ch
Aleph (Oracle DB)
AAI IDP (at ETHZ)
aai-login.ethz.ch
Initial Password
Re(set) password
password.libraries.ch
Private customers DB
- Attributes from Aleph
- Passwords only here
New separate Private Customers IDP (at ETHZ)
Future: ID management outside Ex Libris
E-Lending
and others
WAYF
Primo FE 1...4
e-shelf
other AAI IDPs
AAI IDP (at ETHZ)
aai-login.ethz.ch
(via nethz)
AAI IDP (operated by Switch)
aai-login.libraries.ch
PDS as a separate service WITH attribute retrieval
(New) registration
register.libraries.ch
Alma ?
Re(set) password
password.libraries.ch
Interface to external Identity Management
Private customers DB
- Attributes now HERE
- Passwords only here
Swiss-wide Private Customers IDP
Further reading
For much more detail, see our report
«Single Sign On für e-lib.ch und sein Webportal» (in German, 2012, 61 p.)
e-collection.library.ethz.ch/view/eth:5453
Credits
Thanks to:
- SSO project team of ETH-Bibliothek
- ITS IT-Services of ETH-Bibliothek
- ICT services of ETH Zurich
- SWITCH AAI team
- ELCA Informatik AG, Zürich
Questions ?
SFX with PDS-SSO-AAI ?
Thank you!
wolfgang.lierz@library.ethz.ch
DEMO
http://www.switch.ch/aai/demo/