 |
 |
As some of you know, Eduserv have been working on a method of allowing users at Shibboleth IdPs to use Athens-protected services that do not meet Athens implementation standards. We have been working with some of the JISC Early Adopter organisations to test that the fix works correctly, and to date no problems have been found with the fix. We would therefore like to invite the rest of the [JISC-SHIBBOLETH] community to use it. The problem arose because when a user from a Shibboleth IdP accesses an Athens-protected service via the gateway, the gateway creates an Athens session for that user. That meant that if that user subsequently tried to log into a non-gateway compliant service with a classic Athens account, the Athens authentication point (AP) detected the Athens session and tried to log the user in automatically. The user then encountered an error, most often because the service provider (SP) was checking the first three characters of the user's handle, which is not persistent in Shibboleth. The fix developed by Eduserv allows a user from a Shibboleth IdP to log into non-gateway compliant services with a classic Athens account. It uses a URL format called a target resource locator (TRL), which uses a combination of: * the URL of the Athens authentication point (AP) * a TRL identifier * a resource identifier * an extra parameter to pass at the Athens AP: ath_action=noHddsSession The basic format of a TRL is therefore: https://auth.athensams.net/trl/1.0/-/RESOURCE_ID?ath_action=noHddsSessio n A list of TRLs for non-gateway compliant services is below. We have not introduced a fix for some services because the providers have informed us that they are due to be retired after users have been migrated to new platforms. These include: * all Butterworths services * Dialog Education@Site and Dialog@Site * UK JSTOR Mirror Service Dialog DataStar https://auth.athensams.net/trl/1.0/-/DIALOG_DATASTAR?ath_action=noHddSes sion <https://auth.athensams.net/trl/1.0/-/DIALOG_DATASTAR?ath_action=noHddSe ssion> International Who's Who https://auth.athensams.net/trl/1.0/-/WORLD_WHO_WHO?ath_action=noHddSessi on JISC PDS https://auth.athensams.net/trl/1.0/-/PDS?ath_action=noHddSession LexisNexis Professional and Executive https://auth.athensams.net/trl/1.0/-/Lexis?ath_action=noHddSession Oxford Scholarship Online https://auth.athensams.net/trl/1.0/-/OUP_OSO?ath_action=noHddSession ProQuest https://auth.athensams.net/trl/1.0/-/PROQUEST?ath_action=noHddSession <https://auth.athensams.net/trl/1.0/-/PROQUEST?ath_action=noHddSession> Routledge Encyclopaedia of Philosophy https://auth.athensams.net/trl/1.0/-/ROUTLEDGE_ENC?ath_action=noHddSessi on UK JSTOR Mirror Service https://auth.athensams.net/trl/1.0/-/JSTOR?ath_action=noHddSession Westlaw UK https://auth.athensams.net/trl/1.0/-/WESTLAWUK?ath_action=noHddSession Regards Phil Leahy Business Development Manager Eduserv Athens access management ________________________________ [log in to unmask] tel: +44 (0)1225 474333 fax: +44 (0)1225 474332 http://www.eduserv.org.uk/athens/ ________________________________ Eduserv Athens is a service of Eduserv Technologies Limited Unless otherwise agreed expressly in writing by a senior manager of Eduserv, this communication is to be treated as confidential and the information in it may not be used or disclosed except for the purpose for which it has been sent. If you have reason to believe that you are not the intended recipient of this communication, please contact the sender immediately. No employee or agent is authorised to enter into any binding agreement or contract on behalf of Eduserv or Eduserv Technologies Ltd., unless that agreement is subsequently confirmed by the conclusion of a written contract or the issue of a purchase order.