The crux of the matter is this:
* Shibboleth is needed where users discover resources on their own (e.g.
via google) rather than browsing via an institutional portal, because
EZproxy cannot support this method of access.
* EZproxy is needed for resources which have yet to implement a
SAML-compliant authentication system but offer IP authentication.
So 3) is the pragmatic solution that lots of places end up using because
even though it's messier, it covers all bases.
My 2c.
R.
--
----------------------------------------------------------------------
Rhys Smith e: [log in to unmask]
Engineering Consultant: Identity & Access Management (GPG:0xDE2F024C)
Information Services,
Cardiff University, t: +44 (0) 29 2087 0126
39-41 Park Place, Cardiff, f: +44 (0) 29 2087 4285
CF10 3BB, United Kingdom. m: +44 (0) 7968 087 821
----------------------------------------------------------------------
From:
NODA Hideaki <[log in to unmask]>
To:
[log in to unmask]
Date:
09/02/2010 13:13
Subject:
[JISC-SHIBBOLETH] EZProxy v. Shibboleth?
Dear all;
Our UPKI-fed, the Japanese access management federation, regards that
SSO for e-resources is the most persuasive merit of Shibboleth for
librarians.
However, we feel some difficulties to promote our federation only with
this
insistence.
As same as in UK, there are many universities in Japan which
use EZProxy as a tool of SSO for their libraries' e-resources.
Considering Shibboleth as a tool for SSO, some of them claim that
it is difficult to find any significant advantage over their
EZProxy-based SSO systems.
Then, how do you think the merit / demerit of...
1) Shibboleth-only SSO service,
2) Non-Shibbolized EZProxy-based SSO,
3) Hybrid SSO with Shibboleth and Shibbolized EZProxy ?
Please show us your opinions.
Best wishes;
Hideaki
------------------------
NODA, Hideaki
Chiba University Library
Public service division.
Tel: (+81)43 290 2258
Fax: (+81)43 290 2266
Mail: [log in to unmask]
-------------------------
http://www.ll.chiba-u.ac.jp/
http://mitizane.ll.chiba-u.jp/curator/
|