As some of you know, Eduserv have been working on a method of allowing users at Shibboleth IdPs to use Athens-protected services that do not meet Athens implementation standards.  We have been working with some of the JISC Early Adopter organisations to test that the fix works correctly, and to date no problems have been found with the fix.  We would therefore like to invite the rest of the [JISC-SHIBBOLETH] community to use it.

 

The problem arose because when a user from a Shibboleth IdP accesses an Athens-protected service via the gateway, the gateway creates an Athens session for that user.  That meant that if that user subsequently tried to log into a non-gateway compliant service with a classic Athens account, the Athens authentication point (AP) detected the Athens session and tried to log the user in automatically.  The user then encountered an error, most often because the service provider (SP) was checking the first three characters of the user’s handle, which is not persistent in Shibboleth.

 

The fix developed by Eduserv allows a user from a Shibboleth IdP to log into non-gateway compliant services with a classic Athens account.  It uses a URL format called a target resource locator (TRL), which uses a combination of:

 

The basic format of a TRL is therefore:

 

https://auth.athensams.net/trl/1.0/-/RESOURCE_ID?ath_action=noHddsSession

 

A list of TRLs for non-gateway compliant services is below.  We have not introduced a fix for some services because the providers have informed us that they are due to be retired after users have been migrated to new platforms.  These include:

 

Dialog DataStar

https://auth.athensams.net/trl/1.0/-/DIALOG_DATASTAR?ath_action=noHddSession

 

International Who's Who

https://auth.athensams.net/trl/1.0/-/WORLD_WHO_WHO?ath_action=noHddSession

 

JISC PDS

https://auth.athensams.net/trl/1.0/-/PDS?ath_action=noHddSession

 

LexisNexis Professional and Executive

https://auth.athensams.net/trl/1.0/-/Lexis?ath_action=noHddSession

 

Oxford Scholarship Online

https://auth.athensams.net/trl/1.0/-/OUP_OSO?ath_action=noHddSession

 

ProQuest

https://auth.athensams.net/trl/1.0/-/PROQUEST?ath_action=noHddSession

 

Routledge Encyclopaedia of Philosophy

https://auth.athensams.net/trl/1.0/-/ROUTLEDGE_ENC?ath_action=noHddSession

 

UK JSTOR Mirror Service

https://auth.athensams.net/trl/1.0/-/JSTOR?ath_action=noHddSession

 

Westlaw UK

https://auth.athensams.net/trl/1.0/-/WESTLAWUK?ath_action=noHddSession


Regards

Phil Leahy
Business Development Manager

Eduserv Athens

access management


[log in to unmask]

tel: +44 (0)1225 474333
fax: +44 (0)1225 474332

http://www.eduserv.org.uk/athens/


Eduserv Athens is a service of Eduserv Technologies Limited

 



Unless otherwise agreed expressly in writing by a senior manager of
Eduserv, this communication is to be treated as confidential and the
information in it may not be used or disclosed except for the purpose
for which it has been sent.
If you have reason to believe that you are not the intended recipient
of this communication, please contact the sender immediately.
No employee or agent is authorised to enter into any binding agreement
or contract on behalf of Eduserv or Eduserv Technologies Ltd., unless
that agreement is subsequently confirmed by the conclusion of a written
contract or the issue of a purchase order.