SSO Authentication Webinar Q&A
Below are listed questions that were submitted during the NISO Single Sign-On Authentication
Webinar. Answers from the presenters will be added shortly. Not all the
questions could be responded to during the live webinar, so those that could
not be addressed at the time are also included below.
Feel free to contact us if you have any additional questions about library, publishing, and technical services standards, standards development, or if you have have suggestions for new standards, recommended practices, or areas where NISO should be engaged.
Single Sign-On Authentication: Understanding the Pieces of the Puzzle
Webinar Questions & Answers
February 11, 2009
- Question: Hi Adam, On the first slide you mentioned the proxy server solution and only mentioned EZProzy. We are a reseller for H+H a German software company who have build Hidden Automatic Navigator (HAN). Its does the same as EZProxy but even more. Are you aware of any US libraries using this HAN?
Adam Chandler: No, I am not. I have not heard of any US libraries using it. If it is licensed, perhaps H+H has a list of US libraries?
- Question: For Adam: How about III ILS system? WE use one of the URLs as the proxy gateway and it works fine for IP authentication. It acts as an SSO by default. Is that acceptable?
Adam Chandler: Same problem. The remote user must first go to the catalog in order to be authenticated. I am interested in a model in which the patron can start from the open web and find their way into the library's licensed content.
- Question: I am curious about what Adam's thoughts are about LibX?
Adam Chandler: I remain frustrated by the way LibX has beeb implemented. It appears nobody has built in a redirect counter to find out if patrons even use it! Installing another widget is a high threshold for most users. I doubt if they are using it much, but like I said, nobody knows.
- Question: Steve had on his slides a mention of work with federated access groups, but this received no mention. Please can all speakers talk about how these technologies work with federated search services?
- Question: How does Shibboleth work together with a local authentication system and/or with EZproxy? Could you give examples? How much work is involved in implementing and maintaining Shibboleth?
- Question: Could you explain a bit about personalization in Athens, which is not available in Proxy?
Keith Dixon: Where institutions are using the Athens service to maintain user identities, an opaque, persistent identifier is provided to publishers. Publishers can then use as the basis for providing personalization. It also provides the basis for tracking down misuse and aggregate authorization statistics, which are available to both institutions and service providers.
- Question: Where are the other campus technology providers in this discussion? Campus portals and CMS's, etc?
- Question: Hi, Karen, can you review again next steps that NISO is taking to form a Working Group? thanks
Karen Wetzel (NISO): I'm glad to help. Probably the best overview of NISO's standards process is found on NISO's Documents page: Standards Development Process: An Overview. This PowerPoint file provides a quick look at the procedural requirements surrounding ANS standards development at NISO. In brief, though: no comments were received to the draft new work item proposal on SSO Authentication that was made available as part of this webinar. The draft was distributed to the Discovery to Delivery Topic Committee at the same time; it was then reviewed March 16, 2008 and approved in Topic Committee (with a small clarification on the interest groups section). With that edit, the proposal will go to the NISO membership for their approval, which requires that a minimum of 10% of NISO's members agree to join the voting pool for the item. With that, we can then begin the work of forming a working group, finalizing timelines, and moving ahead on the proposed work. Please contact me at firstname.lastname@example.org if you are interested in joining the working group or interest group, if you have additional questions, or if you would like to propose new work to take place within NISO.
- Question: Concerning the federated search answers. Unfortunately, even though the techniques discussed work (we use them in some instances) it is not *allowed* by many of the authentication providers to do this.
- Question: The general tenor of the presentations and discussion is too high-level as it rather has to be. Will [further discussion] be available?
Karen Wetzel (NISO): We would be thrilled to continue this discussion; please contact me if you have any suggestions for what format you think would be best to do that in. We hope to also see a new working group on SSO Authentication be approved shortly; with that will be an opportunity to engage through that group or more informally via an interest group list. The working group will also be involved with making sure there is more opportunity within the community to discuss this topic, and your input is very welcome. In the meantime, I encourage additional resources to be sent in so we can build on this event, and if there are lists or other venues where this topic is being discussed that we can point to, I'd be happy to add those to the resources page, as well. Feel free to send me a note at email@example.com.