As some of you know, Eduserv have been working on a method of allowing users at Shibboleth IdPs to use Athens-protected services that do not meet Athens implementation standards. We have been working with some of the JISC Early Adopter organisations to test that the fix works correctly, and to date no problems have been found with the fix. We would therefore like to invite the rest of the [JISC-SHIBBOLETH] community to use it.
The problem arose because when a user from a Shibboleth IdP accesses an Athens-protected service via the gateway, the gateway creates an Athens session for that user. That meant that if that user subsequently tried to log into a non-gateway compliant service with a classic Athens account, the Athens authentication point (AP) detected the Athens session and tried to log the user in automatically. The user then encountered an error, most often because the service provider (SP) was checking the first three characters of the user’s handle, which is not persistent in Shibboleth.
The fix developed by Eduserv allows a user from a Shibboleth IdP to log into non-gateway compliant services with a classic Athens account. It uses a URL format called a target resource locator (TRL), which uses a combination of:
The basic format of a TRL is therefore:
A list of TRLs for non-gateway compliant services is below. We have not introduced a fix for some services because the providers have informed us that they are due to be retired after users have been migrated to new platforms. These include:
International Who's Who
LexisNexis Professional and Executive
Oxford Scholarship Online
Routledge Encyclopaedia of Philosophy
UK JSTOR Mirror Service
Business Development Manager
Eduserv Athens is a service of Eduserv Technologies Limited