[Fim4l] Short introduction

Tue Apr 9 16:27:19 CEST 2019

Hi,

most content provider platforms work with fixed customer accounts, and a 
user is always mapped to a single customer account, either based on IP 
ranges or information provided by FIM. So while FIM could provide the 
information which resources from multiple customer accounts should be 
available to a specific user, most content provider won't be able to 
give the user access to that set of resources.

For example University of Freiburg and a special information service 
have two different customer accounts for a content provider, and a user 
is always mapped to one of them. In order to provide access to both the 
resources licensed by University of Freiburg and the special information 
service to a user entitled to access both, a separate customer account 
with the combined resources and a specific mapping to that customer 
account would be nessecary. There are lots of special information 
services and even more combinations of licensed resources -  this 
obviously doesn't scale.

There are some exceptions like SpringerLink, but the way this is handled 
today is quite confusing - it is possible to login multiple times with 
accounts from differnt institutions (or even the same institution) and 
the status message at the bottom of the page still shows "Not logged 
in". This only changes when a registered SpringerLink account is used to 
login.

Best regards,
Bernd

On 09.04.2019 15:10, Gragert, Gerrit wrote:
> Dear Jiri,
> 
>> Is it correct that State Library Berlin registered patrons can use
>> federated authentication at JSTOR, Project MUSE, Web Of Science, ... ?
> 
> Well... No. It's complicated...
> 
> We have differents groups of users/patrons. The largest group are our "local" patrons at the SBB - you have to get here to our house, fill out and sign a registration form and then you get a library card. Then you may use our ejournals and databases and so on (including JSTOR, MUSE etc.)
> 
> But these patrons have to use a proxy-server with local authentication (OpenLDAP). As I wrote, we cannot provide federated authentication for them because a lot of these patrons already have an federated identity at their university or other home instiution.
> 
> Another group of users are the users of our special information services (in german it says Fachinformationsdienste). These are scientist from all over germany who are registered for the service. They may connect their home identity with the account at the special information service via eduPersonUniqueId. Here, we are using federated authentication based on SAML at our proxy server, but not towards the providers (also because the providers are mostly chinese and they never heard about something like Shibboleth).
> 
> But my goal is to offer federated authentication for all of our users. So out patrons may use our services and the serivces at third-party providers we have licensed with their home identity.
> 
> Best,
> 
>      Gerrit
> 
> --
> Gerrit Gragert, M.A.
> Ltg. IT-Services fuer die Digitale Bibliothek Abt. IDM 2.3
> 
> Staatsbibliothek zu Berlin - Preußischer Kulturbesitz Potsdamer Str. 33
> 10785 Berlin
> 
> Tel.: +49 30 266-43 22 30
> Fax: +49 30 266-33 20 01
> gerrit.gragert at sbb.spk-berlin.de
> www.staatsbibliothek-berlin.de
> 
> _______________________________________________
> FIM4L mailing list
> FIM4L at lists.daasi.de
> http://lists.daasi.de/listinfo/fim4l
> 

-- 
Bernd Oberknapp
Gesamtleitung ReDI

Albert-Ludwigs-Universität Freiburg
Universitätsbibliothek
Platz der Universität 2 | Postfach 1629
D-79098 Freiburg        | D-79016 Freiburg

Telefon:  +49 761 203-3852
Telefax:  +49 761 203-3987
E-Mail:   bo at ub.uni-freiburg.de
Internet: www.ub.uni-freiburg.de

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5290 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.daasi.de/pipermail/fim4l/attachments/20190409/aded054d/attachment.p7s>