Nicole
There were a few other minor issues that affected individual service
providers, but the root cause of each of those was that they were using
old versions of the Athens agent and hadn't upgraded when we originally
advised them to.
Service providers that were prefix-checking Athens users accounted for
the majority of services with gateway compliance issues. And I wouldn't
exactly characterise them as 'happy' that we were nagging them to
upgrade, although many of them did so within a few months of us raising
the issue with them.
Regards
Phil Leahy
Business Development Manager
Eduserv Athens
access management
_____
[log in to unmask]
tel: +44 (0)1225 474333
fax: +44 (0)1225 474332
http://www.eduserv.org.uk/athens/
_____
Eduserv Athens is a service of Eduserv Technologies Limited
-----Original Message-----
From: Discussion list for Shibboleth developments
[mailto:[log in to unmask]] On Behalf Of Nicole Harris
Sent: 1 February 2006 11:20
To: [log in to unmask]
Subject: Re: [ATHENS] Shibboleth-Athens Gateway and Athens DA
Thanks Phil, that is helpful.
For complete clarity, how has this been resolved for the resources that
are
gateway compliant? I assume that they are simply not carrying out a
prefix
check and they are happy with this??
Nicole
-----Original Message-----
From: Discussion list for Shibboleth developments
[mailto:[log in to unmask]] On Behalf Of Eduserv Athens
Local
Authentication Support
Sent: 01 February 2006 10:09
To: [log in to unmask]
Subject: Re: [ATHENS] Shibboleth-Athens Gateway and Athens DA
Nicole
The main issue with non-gateway compliant services is that they are
still using prefix checking to identify a user's home organisation as
part of the authorisation process. Service providers are doing this by
extracting the first three characters of the username; AthensDA
'virtual' usernames were designed to include an organisational prefix
because that was the recommended method of identifying a user's home
organisation at the time. However, Shibboleth handles do not have such
coding built into them, so when a service provider extracts the first
three characters, they do not get any sensible information from it.
AthensDA technology was developed to pass an Athens user's credentials
in exactly the same way as a classic Athens user, which is why there is
no difference in behaviour between these technologies.
Regards
Phil Leahy
Business Development Manager
Eduserv Athens
access management
_____
[log in to unmask]
tel: +44 (0)1225 474333
fax: +44 (0)1225 474332
http://www.eduserv.org.uk/athens/
_____
Eduserv Athens is a service of Eduserv Technologies Limited
-----Original Message-----
From: Discussion list for Shibboleth developments
[mailto:[log in to unmask]] On Behalf Of Nicole Harris
Sent: 26 January 2006 18:39
To: [log in to unmask]
Subject: Re: [ATHENS] Shibboleth-Athens Gateway and Athens DA
Jonathan
I am forwarding your message to the shibboleth discussion list where
some of
the people who have already implemented the gateway procedures are more
likely to be lurking!
I'm surprised to hear that more resources are AthensDA compliant than
gateway compliant as I thought the same non-compliancy issues would
affect
both systems...would be interested to find out more!
Community pressure on Westlaw *is* starting to make an impact, and they
are
starting to talk about implementing shibboleth at a much earlier date
than
previously suggested. They are likely to go straight for
shibboleth-compliance rather than gateway compliance though...but this
should make very little difference for a shibbolised institution in the
long
run!
Hope this helps
Nicole
-----Original Message-----
From: Discussion list for Athens Administrators
[mailto:[log in to unmask]] On Behalf Of Jonathan Hooper
Sent: 26 January 2006 10:27
To: [log in to unmask]
Subject: [ATHENS] Shibboleth-Athens Gateway and Athens DA
We are currently looking at the Shibboleth-Athens Gateway in the hope of
going live in September 2006.
1. Please could I ask other sites who have done/are planning this:
- How do/will you manage ongoing Classic Athens accounts? - e.g.
do/will you still bulk upload?
- How do/will you get the cookie set in your users' browsers? e.g. two
possible approaches are MMU's who have a prominent link on the Library
home page, and Durham's who use the links in the catalogue to set cookie
then redirect to resource
2. It looks as if more resources are Athens DA compliant than are
Shib-Athens compliant - a particular problem for us is Westlaw. Have any
sites taken the decision to use Athens DA rather than Shib-Athens for
this reason?
3. Would anyone from other sites be prepared to discuss their
experiences more generally with us? If so, please could they get back to
me off-list?
Thanks,
Jonathan
Jonathan Hooper
Leeds University Library
[log in to unmask]
Unless otherwise agreed expressly in writing by a senior manager of
Eduserv,
this
communication is to be treated as confidential and the information in it
may
not be
used or disclosed except for the purpose for which it has been sent.
If you have reason to believe that you are not the intended recipient of
this communication,
please contact the sender immediately.
No employee or agent is authorised to enter into any binding agreement
or
contract
on behalf of Eduserv or Eduserv Technologies Ltd., unless that agreement
is
subsequently
confirmed by the conclusion of a written contract or the issue of a
purchase
order.
Unless otherwise agreed expressly in writing by a senior manager of
Eduserv, this communication is to be treated as confidential and the
information in it may not be used or disclosed except for the purpose
for which it has been sent.
If you have reason to believe that you are not the intended recipient
of this communication, please contact the sender immediately.
No employee or agent is authorised to enter into any binding agreement
or contract on behalf of Eduserv or Eduserv Technologies Ltd., unless
that agreement is subsequently confirmed by the conclusion of a written
contract or the issue of a purchase order.
|
