Sue Stevens wrote:
> It's perhaps also interesting to note this approach appears to be
> gaining ground with other DSPs too.
>
> Ovid, ScienceDirect and Blackwell Synergy are all moving in this
> direction. Blackwell's aren't live with their's yet, but Ovid are:
> https://shibboleth.ovid.com/secure-ssl
That seems to be a somewhat different direction than the JSTOR one.
ScienceDirect (and, from your link, Ovid) only list federation members
which are also their customers in their integrated WAYF, not Athens
sites. ScienceDirect treats "Athens login" as a separate case,
with its own link that heads off to the standard Athens
Authentication Point.
> Though we're back to the user needing to know they're in the
> UK Access Management Federation (few if any will),
As a data point, at the start of the discussions within EDINA on how
to handle this, the general assumption was that users didn't previously
know even that they were using Athens. In practice, requiring them
to "Login via Athens" doesn't seem to have caused the level of problems
that the people claiming this anticipated.
Sean Dunne wrote:
> With so many possible variants of authentication
> methods (Classic Athens, AthensDA, UK Federation via institutional IdP, UK
> Federation via Athens-to-Shibboleth gateway, non-UK Federation), many
users
> would just not know which login button to choose in the first scenario.
> Describing how the user should choose correctly would be a nightmare.
Yes, in the abstract. However, isn't any particular user likely
to be told (locally on site) to "do <this>" to access a particular
resource?
> It's likely that we will adopt the solution of a customised WAYF for all
> users for remote login to the MIMAS CrossFire service when we release the
UK
> Federation route to CrossFire shortly. We will have to keep a record of
> which institutions are using which authentication route so that we can
> present the correct one to the user, but that's not too difficult with a
> service like Crossfire where we have a limited number (about 80) of
> subscribing institutions.
Are you in the happy position that each institution is guaranteed to
want to use only one access mechanism at a time? E.g., consider
an institution where most users are using Athens but they have a
pilot-stage Shibboleth IdP as well, and they want to be able to use both.
"Knowing" the required access mechanism for the University of X from
a list implies there is only one. That was one reason we didn't go
for an Athens-enabled WAYF like this.
Fiona.
|