[Fim4l] Scopus

Jiri Pavlik jiri.pavlik at mzk.cz
Sat Jul 20 07:35:18 CEST 2019


On Sat, 20 Jul 2019 at 00:46, Koren, Meshna (ELS-AMS) <M.Koren at elsevier.com>
wrote:

> That will be different per SP.
>
> Elsevier is updating the access management system from old to new. In the
> old system a user would lose access to their previous user account when the
> value of targetedID changed. A persistent NameID is generated in a
> different way than ePTID so that value would most likely change. There's
> nothing we can do for such user because a SAML attribute is only validated
> via a SAML assertion.
>
> In the new system we allow a user to 'link their new credentials' to their
> existing user account if their attributes change, provided they use the
> same email address they have used before. You can see that here:
> https://service.elsevier.com/app/answers/detail/a_id/29105/supporthub/elsevieraccess
>


👏🏻

Cheers

         Jiri





> This new system is gradually being implemented across products; quite a
> lot of work.
>
> Kind regards,
> Meshna
>
>
> -----Original Message-----
> From: FIM4L <fim4l-bounces at lists.daasi.de> On Behalf Of Bernd Oberknapp
> Sent: Friday, July 19, 2019 16:22
> To: fim4l at lists.daasi.de
> Subject: Re: [Fim4l] Scopus
>
> *** External email: use caution ***
>
>
>
> I'm wondering what happens if the identifiers sent by an IdP change
> (identifier added or removed, switch from eduPersonTargetedID to persistent
> ID or vice versa)? Would the users be able to request an initial password
> for their email address and, if the IdP sends an identifier, connect their
> existing Elsevier user account to a new identifier?
>
> Best regards,
> Bernd
>
>
> On 19.07.19 15:01, Koren, Meshna (ELS-AMS) wrote:
> > Yes, there are. I don't exactly know how many because no way of
> reporting on this, but there have always been users from institutions that
> aren't able to activate personalization because of that and they come and
> complain.
> >
> > Please note that our SP, specifically, can make use of
> eduPersonTargetedID or a Persistent NameID for this purpose; which one the
> IdP releases depends, I guess, on the software they use (and in some cases
> on what the federation recommends/configures).
> >
> > We're currently not requesting or requiring any attributes through our
> UK Federation metadata because there isn't a perfect way of doing that, and
> not requesting anything seems to be a lesser problem than otherwise. We
> don't need to alarm any existing IdPs into changing the released attributes
> because that would again cause trouble for end users... until we address
> that problem. It's a work in progress.
> >
> > We are requesting them through some federations, as you've noticed;
> that's because at the time of integration that was possible, and done, and
> it doesn't need to change.
> >
> > Kind regards,
> > Meshna
> >
> >
> >
> > -----Original Message-----
> > From: FIM4L <fim4l-bounces at lists.daasi.de> On Behalf Of Jiri Pavlik
> > Sent: Friday, July 19, 2019 10:24
> > To: fim4l at lists.daasi.de
> > Subject: Re: [Fim4l] Scopus
> >
> > *** External email: use caution ***
> >
> >
> >
> > Hi,
> >
> > thanks a lot for your comments, Meshna, Leif, Raoul, Peter, Bernd.
> >
> > Could you share with us, Meshna, whether there are some IdPs which are
> not releasing targetedID to Elsevier SP currently?
> > This would worth to address in order to avoid users confusion and
> discomfort when using federated authentication at Elsevier services. I
> belive there are no such IdPs from eduID.cz despide that requested
> attributes are missing in Elsevier SP metadata registered in eduGAIN.
> >
> > Best regards
> >
> >                 Jiri
> >
> > On Thu, Jul 18, 2019 at 10:18 PM Koren, Meshna (ELS-AMS) <
> M.Koren at elsevier.com> wrote:
> >>
> >> We (Elsevier; as Scopus doesn't have its own SP) tie a targetedID to
> >> an 'Elsevier user account' which is created in our database when a
> >> user decides to 'activate personalization', so that next time when a
> >> user accesses Elsevier product via the IdP, they can access their
> >> institutional entitlements AND their personal features with one set
> >> of credentials in one go. ('Activate personalization' means the same
> >> as 'register' or 'create user account'.)
> >>
> >> That is the only way we use targetedID.
> >>
> >> "So it's not enough to provide them with the ability to track every
> movement and every resource one accesses (based on a pseudonymous
> identifier released by the IDP), they will /only/ offer you the benefit of
> personalization features if you /also/ tell them exactly who you are with
> name and email?!
> >>
> >> Of course that fully undermines the point of sending them pseudonymous
> identifiers in the first place."
> >>
> >> That's upside down. Something to do with GDPR. We don't create user
> profiles without user's action. We don't use targetedID to track a user or
> to maintain a session across different products; that would be useless and
> unnecessarily complicated, seeing most of our users don't use federated
> access in the first place.
> >>
> >> An IdP doesn't need to release a targetedID. A user can register
> without it (email + password) if they want to, but then they'll have two
> sets of credentials and some of them will be eternally confused or annoyed
> because they can either access subscribed content or their personal
> features, but not both. They will of course register at other SPs and end
> up with more credentials, or all these emails with different passwords, or
> with the same passwords... which completely defies the purpose of federated
> access.
> >>
> >> Kind regards,
> >> Meshna
> >>
> >>
> >>
> >> Meshna Koren
> >>
> >> Associate Product Manager
> >> Product Management - Identity and Platform - Research Products
> >>
> >> Elsevier BV
> >> Radarweg 29, Amsterdam 1043 NX, The Netherlands m.koren at elsevier.com
> >>
> >> Federated Access - SAML, Shibboleth, Corporate SSO, OpenAthens,
> >> Institutional Login
> >>
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: FIM4L <fim4l-bounces at lists.daasi.de> On Behalf Of Leif
> >> Johansson
> >> Sent: Thursday, July 18, 2019 22:01
> >> To: fim4l at lists.daasi.de
> >> Subject: Re: [Fim4l] Scopus
> >>
> >> *** External email: use caution ***
> >>
> >>
> >>
> >>>
> >>> So it's not enough to provide them with the ability to track every
> >>> movement and every resource one accesses (based on a pseudonymous
> >>> identifier released by the IDP), they will /only/ offer you the
> >>> benefit of personalisation features if you /also/ tell them exctly
> >>> who you are with name and email?!
> >>>
> >>
> >> Dude you can provide any information you like there... Thats exactly
> what a pseudonym is!
> >>
> >>          Cheers Leif
> >> _______________________________________________
> >> FIM4L mailing list
> >> FIM4L at lists.daasi.de
> >> http://lists.daasi.de/listinfo/fim4l
> >>
> >> ________________________________
> >>
> >> Elsevier B.V. Registered Office: Radarweg 29, 1043 NX Amsterdam, The
> Netherlands, Registration No. 33156677, Registered in The Netherlands.
> >> _______________________________________________
> >> FIM4L mailing list
> >> FIM4L at lists.daasi.de
> >> http://lists.daasi.de/listinfo/fim4l
> > _______________________________________________
> > FIM4L mailing list
> > FIM4L at lists.daasi.de
> > http://lists.daasi.de/listinfo/fim4l
> >
> > ________________________________
> >
> > Elsevier B.V. Registered Office: Radarweg 29, 1043 NX Amsterdam, The
> Netherlands, Registration No. 33156677, Registered in The Netherlands.
> > _______________________________________________
> > FIM4L mailing list
> > FIM4L at lists.daasi.de
> > http://lists.daasi.de/listinfo/fim4l
> >
>
>
> --
> Bernd Oberknapp
> Gesamtleitung ReDI
>
> Albert-Ludwigs-Universität Freiburg
> Universitätsbibliothek
> Platz der Universität 2 | Postfach 1629
> D-79098 Freiburg        | D-79016 Freiburg
>
> Telefon:  +49 761 203-3852
> Telefax:  +49 761 203-3987
> E-Mail:   bo at ub.uni-freiburg.de
> Internet: www.ub.uni-freiburg.de
>
>
> ________________________________
>
> Elsevier B.V. Registered Office: Radarweg 29, 1043 NX Amsterdam, The
> Netherlands, Registration No. 33156677, Registered in The Netherlands.
> _______________________________________________
> FIM4L mailing list
> FIM4L at lists.daasi.de
> http://lists.daasi.de/listinfo/fim4l
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.daasi.de/pipermail/fim4l/attachments/20190720/c10b3e96/attachment.html>


More information about the FIM4L mailing list