[Fim4l] LexisNexis Advance
Jiri Pavlik
jiri.pavlik at techlib.cz
Mon Mar 15 17:20:14 CET 2021
Hi,
I prefer Elsevier's approach, personalization based on
pairwise-id/eduPersonTargetedID.
Another sign in for personalisation on top of institutional sign in is
adding complexity,
it leads to worse user experience IMHO.
Cheers
Jiri
On Mon, Mar 15, 2021 at 5:01 PM Bernd Oberknapp <bo at ub.uni-freiburg.de>
wrote:
> Hi,
>
> I agree. The SP should not enforce the release of
> pairwise-id/eduPersonTargetedID, and if the IdP allows to release
> pairwise-id/eduPersonTargetedID the user should have the choice, so that
> the attribute is only released if the user wants to use the
> personalization based on that attribute. Additionally, when no
> pairwise-id/eduPersonTargetedID is passed to the SP, the SP still should
> offer personalization based on a registered account (as most publishers
> do, Elsevier as far as I know is one of very few publishers that don't
> allow this when an institutional login is used.).
>
> Best regards,
> Bernd
>
>
> On 15.03.21 16:46, Jiri Pavlik wrote:
> > Hi,
> >
> > IMHO there are users who wish to have anonymous access and there are
> > also users
> > who wish to have a profile, use personalisation. So a solution there
> > could be let users
> > decide about releasing pairwise-id (eduPersonTargetedID) using CAR.
> >
> > Best
> > Jiri
> >
> > On Mon, Mar 15, 2021 at 4:18 PM Jos Westerbeke <jos.westerbeke at eur.nl
> > <mailto:jos.westerbeke at eur.nl>> wrote:
> >
> > Hi Jiri, Bernd et al,
> >
> > thank you for this discussion. This is very meaningful for
> > downplaying the FIM4L recommendations 4.A and 4.B to a more simple
> > level.
> >
> > We now have two recommendations which you have to (unfortunately)
> > choose:
> >
> > 4.A. Transitory Access - eduPersonTargetedID as optional would be
> > fine for this.
> > 4.B. Personalized Access - eduPersonTargetedID required.
> > - And for 4.B the recommendation is to let it be for the SP side to
> > offer a profile, voluntarily to configure by users. So that in any
> > way IdP's do not have to release PII.
> > (https://www.fim4l.org/?page_id=257)
> >
> > What would we actually recommend for librarians? Wouldn't it be nice
> > to have just one option? I think it is too difficult for librarians
> > to choose here.
> >
> > Reading the discussion, we can say that we cannot recommend going
> > just for 4.B. And if librarians consider switching form IP to SAML
> > they are very suspicious about privacy.
> >
> > Can we recommend for both IdP's and SP's to go for 4.A?
> >
> > What about recommending 4.A and have the option for 4.B when there
> > is an agreement between IdP and SP about creating profiles, anchored
> > in a contract?
> >
> > Should we recommend a contract clausula alongside 4.B?
> >
> > As far as I understand, I'm aware of what Meshna says: If you opt
> > for 4.A then it is simply not possible to have a profile, which is
> > very annoying if not impossible for our patrons.
> >
> > Best,
> > Jos
> >
> >
> >
> >
> ------------------------------------------------------------------------
> > *From:* FIM4L <fim4l-bounces at lists.daasi.de
> > <mailto:fim4l-bounces at lists.daasi.de>> on behalf of Jiri Pavlik
> > <jiri.pavlik at techlib.cz <mailto:jiri.pavlik at techlib.cz>>
> > *Sent:* 15 March 2021 14:58
> > *To:* Koren, Meshna (ELS-AMS) <M.Koren at elsevier.com
> > <mailto:M.Koren at elsevier.com>>
> > *Cc:* fim4l at lists.daasi.de <mailto:fim4l at lists.daasi.de>
> > <fim4l at lists.daasi.de <mailto:fim4l at lists.daasi.de>>
> > *Subject:* Re: [Fim4l] LexisNexis Advance
> > Hi Meshna,
> >
> > thanks a lot for the comments.
> >
> > At Elsevier SP metadata [1] I can see:
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (optional)
> > in DFN-AAI, IDEM or Australian Access Federation.
> >
> > At the SP metadata in eduGAIN / UK Federation there are no requested
> > attributes.
> > At the SP metadata in eduID.at, SWITCHaai, InCommon, RENATER I
> can see:
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (required)
> >
> > It illustrates different approaches around the world how to express
> > optional ePTID release
> > in SP metadata and a challenge for one appropriate SP metadata in
> > eduGAIN serving globally.
> > To me
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (optional)
> > seems as the most appropriate.
> >
> > Cheers
> > Jiri
> >
> >
> > 1.
> >
>
> https://met.refeds.org/met/entity/https%253A%252F%252Fsdauth.sciencedirect.com%252F/
> >
> <
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmet.refeds.org%2Fmet%2Fentity%2Fhttps%25253A%25252F%25252Fsdauth.sciencedirect.com%25252F%2F&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761630378%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=HmuCXxy9%2F1bQBVkGnsrbBcRmNJP9DsiETfB4g6uP0L4%3D&reserved=0
> >
> >
> >
> >
> > On Mon, Mar 15, 2021 at 12:01 PM Koren, Meshna (ELS-AMS)
> > <M.Koren at elsevier.com <mailto:M.Koren at elsevier.com>> wrote:
> >
> > Please allow me to add something to this discussion. ____
> >
> > __ __
> >
> > "The university students and staff are free to use
> > personalisation at Lexis Nexis,
> > Elsevier, EBSCO, ProQuest services if they want to so
> > eduPersonScopedAffiliation (required)
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (optional)..."
> >
> > ____
> >
> > The students and staff can only use personalization when the IdP
> > releases ePTID (or pairwiseID), otherwise they can't. I am not
> > sure that this is clear from the metadata nor that the labels we
> > use to describe the required attributes are very clear on what
> > 'optional' means.____
> >
> > __ __
> >
> > For example, when a student accesses ScienceDirect they can read
> > subscribed articles whether or not ePTID has been released for
> > them, but if they want to 'create account' because they would
> > like to save searches, alerts or their search history, they can
> > only do that if the IdP has released a persistent identifier for
> > them. Otherwise they can't, because there's nothing in their
> > SAML assertions that allows us to recognize the returning
> > individual. So we are working towards requiring a persistent ID.
> > The personalization remains optional for the user.____
> >
> > __ __
> >
> > That may not be the same for other SPs, but it is valid for
> > Elsevier. ____
> >
> > __ __
> >
> > Kind regards,____
> >
> > Meshna____
> >
> > __ __
> >
> > __ __
> >
> > *__ __*
> >
> > *Meshna Koren**____*
> >
> >
> > /Product Manager II____/
> >
> > */Product Management - Identity and Access/**/- /**/Research
> > Products/**/____/*
> >
> > */__ __/*
> >
> > */Elsevier BV/*/____/
> >
> > /Radarweg 29, Amsterdam 1043 NX, The Netherlands____/
> >
> > /m.koren at elsevier.com <mailto:m.koren at elsevier.com>____/
> >
> > /__ __/
> >
> > /Federated Access - SAML, Shibboleth, Corporate SSO, OpenAthens,
> > Institutional Login____/
> >
> > /__ __/
> >
> > /Elsevier Access Support Center:
> >
>
> https://service.elsevier.com/app/answers/list/c/10543/supporthub/elsevieraccess/
> >
> <
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fservice.elsevier.com%2Fapp%2Fanswers%2Flist%2Fc%2F10543%2Fsupporthub%2Felsevieraccess%2F&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761640371%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=s2nQIh1Mocby%2Fnr0uG61jf%2Fg%2FWgqr%2FfHj6MhuH5sHHs%3D&reserved=0
> >____/
> >
> > /for your questions about which access methods does Elsevier
> > support, how to set them up, how do they work for users...____/
> >
> > /__ __/
> >
> > __ __
> >
> > __ __
> >
> > __ __
> >
> > __ __
> >
> > __ __
> >
> > *From:* FIM4L <fim4l-bounces at lists.daasi.de
> > <mailto:fim4l-bounces at lists.daasi.de>> *On Behalf Of *Jiri
> Pavlik
> > *Sent:* Sunday, March 14, 2021 15:28
> > *To:* Bernd Oberknapp <bo at ub.uni-freiburg.de
> > <mailto:bo at ub.uni-freiburg.de>>
> > *Cc:* fim4l at lists.daasi.de <mailto:fim4l at lists.daasi.de>
> > *Subject:* Re: [Fim4l] LexisNexis Advance____
> >
> > __ __
> >
> > **** External email: use caution ****____
> >
> > ____
> >
> > Hi Bernd,
> >
> > I see,
> > eduPersonScopedAffiliation (required)
> > eduPersonEntitlement (required)
> > is working for Freiburg University and
> > eduPersonScopedAffiliation (required)
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (required)
> > is not.
> >
> > The university students and staff are free to use
> > personalisation at Lexis Nexis,
> > Elsevier, EBSCO, ProQuest services if they want to so
> > eduPersonScopedAffiliation (required)
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (optional)
> > is working for the University as well.
> >
> > Is it correct?
> >
> > All the best
> >
> > Jiri____
> >
> > __ __
> >
> > ____
> >
> > On Sat, Mar 13, 2021 at 2:40 PM Bernd Oberknapp
> > <bo at ub.uni-freiburg.de <mailto:bo at ub.uni-freiburg.de>>
> > wrote:____
> >
> > Hi Jiri,
> >
> > On 13.03.21 09:15, Jiri Pavlik wrote:
> >
> > > When checking ProQuest SP for ProQuest Central
> > in DFN-AAI metadata [1]
> > > I can see both eduPersonEntitlement and
> > eduPersonTargetedID as required
> > > attributes.
> >
> > I assume you mean the SP
> > https://shibboleth-sp.prod.proquest.com/shibboleth
> >
> <
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fshibboleth-sp.prod.proquest.com%2Fshibboleth&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761640371%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=bosxymzT3WPyXBdeX0NnT5AvLDmTecE%2BEbZe6krDBwk%3D&reserved=0
> >?
> > That's obviously
> > wrong, both eduPersonScopedAffiliation and
> > eduPersonEntitlement are
> > supported for authorization, but as far as I can
> > tell you don't have to
> > use them, and eduPersonTargetedID isn't required.
> >
> > > Is it safe to assume that if there is
> > personalisation capability at a
> > > library service then all German universities,
> > libraries are fine with
> > > releasing eduPersonTargetedID for recognising
> > returning users and
> > > eduPersonEntitlement, eduPersonScopedAffiliation
> > for authorisation?
> >
> > No. I can't speak for other IdPs, but in my opinion
> > that approach would
> > be wrong, users by default should be able to use
> > services anonymously,
> > without being recognized as a returning user. Based
> > on what I can see in
> > the admin tools, only a very small percentage of our
> > users actually uses
> > the personalization features, so releasing
> > eduPersonTargetedID by
> > default just for personalization isn't an option. If
> > publishers would
> > force us to send an eduPersonTargetedID just for
> > personalization I would
> > consider dropping Shibboleth for those publishers
> > and using our EZproxy
> > instead.
> >
> > Best regards,
> > Bernd
> >
> > --
> > Bernd Oberknapp
> > Gesamtleitung ReDI
> >
> > Albert-Ludwigs-Universität Freiburg
> > Universitätsbibliothek
> > Platz der Universität 2 | Postfach 1629
> > D-79098 Freiburg | D-79016 Freiburg
> >
> > Telefon: +49 761 203-3852
> > Telefax: +49 761 203-3987
> > E-Mail: bo at ub.uni-freiburg.de
> > <mailto:bo at ub.uni-freiburg.de>
> > Internet: www.ub.uni-freiburg.de
> >
> <
> https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.ub.uni-freiburg.de%2F&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761650360%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=eLOZmpzI51ttj9vd4uSNyCcFAAxIPZKUWoSATsoVq1k%3D&reserved=0
> >____
> >
> >
> >
> ------------------------------------------------------------------------
> >
> > Elsevier B.V. Registered Office: Radarweg 29, 1043 NX Amsterdam,
> > The Netherlands, Registration No. 33158992, Registered in The
> > Netherlands.
> >
> >
> > _______________________________________________
> > FIM4L mailing list
> > FIM4L at lists.daasi.de
> > http://lists.daasi.de/listinfo/fim4l
> >
>
>
> --
> Bernd Oberknapp
> Gesamtleitung ReDI
>
> Albert-Ludwigs-Universität Freiburg
> Universitätsbibliothek
> Platz der Universität 2 | Postfach 1629
> D-79098 Freiburg | D-79016 Freiburg
>
> Telefon: +49 761 203-3852
> Telefax: +49 761 203-3987
> E-Mail: bo at ub.uni-freiburg.de
> Internet: www.ub.uni-freiburg.de
>
> _______________________________________________
> FIM4L mailing list
> FIM4L at lists.daasi.de
> http://lists.daasi.de/listinfo/fim4l
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.daasi.de/pipermail/fim4l/attachments/20210315/86061a5a/attachment-0001.html>
More information about the FIM4L
mailing list