[Fim4l] Federated access - Walk-In
Rhys.Smith at jisc.ac.uk
Tue Feb 25 12:20:32 CET 2020
The eduPersonScopedAffiliation attribute has a value to cover this already - “library-walk-in”
How that might work in practice is that the library could give those users who visit an account that asserts that particular attribute/value, or if you have open access workstations, configure the SAML IdP to automatically authenticate that IP address as a particular shared user that asserts that particular attribute/value.
It’s then up to the publisher to make the authorisation decision about whether a library-walk-in is allowed access to that particular resource.
If you just google “library-walk-in SAML” you should find some resources describing that above. I think GÉANT have some docs around some work they’ve done in this area.
Dr Rhys Smith
Chief Technical Architect, Trust & Identity
T: +44 (0) 1235 822145
M: +44 (0) 7968 087821
Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under company number 05747339, VAT number GB 197 0632 86. Jisc’s registered office is: 4 Portwall Lane, Bristol, BS1 6NB. T 0203 697 5800.
> On 25 Feb 2020, at 11:15, Koren, Meshna (ELS-AMS) <M.Koren at elsevier.com> wrote:
> Dear all,
> Many libraries can, as part of their agreement with a publisher, provide access to subscribed publications to users that visit the premises. That's easy enough when the library has IP address access configured with the publisher.
> Has anyone given any thought to how that would work with federated access, where libraries don't use IP address authentication?
> And if yes, are there any thoughts or tips to be shared?
> Meshna Koren
> Associate Product Manager
> Product Management - Identity and Access - Research Products
> Elsevier BV
> Radarweg 29, Amsterdam 1043 NX, The Netherlands
> m.koren at elsevier.com
> Federated Access - SAML, Shibboleth, Corporate SSO, OpenAthens, Institutional Login
> Elsevier B.V. Registered Office: Radarweg 29, 1043 NX Amsterdam, The Netherlands, Registration No. 33156677, Registered in The Netherlands.
> FIM4L mailing list
> FIM4L at lists.daasi.de
More information about the FIM4L