[Fim4l] LexisNexis Advance
Bernd Oberknapp
bo at ub.uni-freiburg.de
Mon Mar 15 17:58:08 CET 2021
Hi Jiri,
actually that approach only improves the user experience as long as a
user is only affiliated with a single institution. If the user is
affiliated with multiple institutions or leaves the institution (and
probably also for other some use cases), a personal account not based on
an institutional identity might be the better choice (at least as long
users don't have an edu-ID).
Best regards,
Bernd
On 15.03.21 17:20, Jiri Pavlik wrote:
> Hi,
>
> I prefer Elsevier's approach, personalization based on
> pairwise-id/eduPersonTargetedID.
> Another sign in for personalisation on top of institutional sign in is
> adding complexity,
> it leads to worse user experience IMHO.
>
> Cheers
> Jiri
>
>
> On Mon, Mar 15, 2021 at 5:01 PM Bernd Oberknapp <bo at ub.uni-freiburg.de
> <mailto:bo at ub.uni-freiburg.de>> wrote:
>
> Hi,
>
> I agree. The SP should not enforce the release of
> pairwise-id/eduPersonTargetedID, and if the IdP allows to release
> pairwise-id/eduPersonTargetedID the user should have the choice, so
> that
> the attribute is only released if the user wants to use the
> personalization based on that attribute. Additionally, when no
> pairwise-id/eduPersonTargetedID is passed to the SP, the SP still
> should
> offer personalization based on a registered account (as most
publishers
> do, Elsevier as far as I know is one of very few publishers that
don't
> allow this when an institutional login is used.).
>
> Best regards,
> Bernd
>
>
> On 15.03.21 16:46, Jiri Pavlik wrote:
> > Hi,
> >
> > IMHO there are users who wish to have anonymous access and
there are
> > also users
> > who wish to have a profile, use personalisation. So a
solution there
> > could be let users
> > decide about releasing pairwise-id (eduPersonTargetedID)
using CAR.
> >
> > Best
> > Jiri
> >
> > On Mon, Mar 15, 2021 at 4:18 PM Jos Westerbeke
> <jos.westerbeke at eur.nl <mailto:jos.westerbeke at eur.nl>
> > <mailto:jos.westerbeke at eur.nl <mailto:jos.westerbeke at eur.nl>>>
> wrote:
> >
> > Hi Jiri, Bernd et al,
> >
> > thank you for this discussion. This is very meaningful for
> > downplaying the FIM4L recommendations 4.A and 4.B to a more
> simple
> > level.
> >
> > We now have two recommendations which you have to
> (unfortunately)
> > choose:
> >
> > 4.A. Transitory Access - eduPersonTargetedID as optional
> would be
> > fine for this.
> > 4.B. Personalized Access - eduPersonTargetedID required.
> > - And for 4.B the recommendation is to let it be for the SP
> side to
> > offer a profile, voluntarily to configure by users. So that
> in any
> > way IdP's do not have to release PII.
> > (https://www.fim4l.org/?page_id=257)
> >
> > What would we actually recommend for librarians? Wouldn't it
> be nice
> > to have just one option? I think it is too difficult for
> librarians
> > to choose here.
> >
> > Reading the discussion, we can say that we cannot recommend
> going
> > just for 4.B. And if librarians consider switching form IP
> to SAML
> > they are very suspicious about privacy.
> >
> > Can we recommend for both IdP's and SP's to go for 4.A?
> >
> > What about recommending 4.A and have the option for 4.B when
> there
> > is an agreement between IdP and SP about creating profiles,
> anchored
> > in a contract?
> >
> > Should we recommend a contract clausula alongside 4.B?
> >
> > As far as I understand, I'm aware of what Meshna says: If
> you opt
> > for 4.A then it is simply not possible to have a profile,
> which is
> > very annoying if not impossible for our patrons.
> >
> > Best,
> > Jos
> >
> >
> >
> >
>
------------------------------------------------------------------------
> > *From:* FIM4L <fim4l-bounces at lists.daasi.de
> <mailto:fim4l-bounces at lists.daasi.de>
> > <mailto:fim4l-bounces at lists.daasi.de
> <mailto:fim4l-bounces at lists.daasi.de>>> on behalf of Jiri Pavlik
> > <jiri.pavlik at techlib.cz <mailto:jiri.pavlik at techlib.cz>
> <mailto:jiri.pavlik at techlib.cz <mailto:jiri.pavlik at techlib.cz>>>
> > *Sent:* 15 March 2021 14:58
> > *To:* Koren, Meshna (ELS-AMS) <M.Koren at elsevier.com
> <mailto:M.Koren at elsevier.com>
> > <mailto:M.Koren at elsevier.com <mailto:M.Koren at elsevier.com>>>
> > *Cc:* fim4l at lists.daasi.de <mailto:fim4l at lists.daasi.de>
> <mailto:fim4l at lists.daasi.de <mailto:fim4l at lists.daasi.de>>
> > <fim4l at lists.daasi.de <mailto:fim4l at lists.daasi.de>
> <mailto:fim4l at lists.daasi.de <mailto:fim4l at lists.daasi.de>>>
> > *Subject:* Re: [Fim4l] LexisNexis Advance
> > Hi Meshna,
> >
> > thanks a lot for the comments.
> >
> > At Elsevier SP metadata [1] I can see:
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (optional)
> > in DFN-AAI, IDEM or Australian Access Federation.
> >
> > At the SP metadata in eduGAIN / UK Federation there are no
> requested
> > attributes.
> > At the SP metadata in eduID.at, SWITCHaai, InCommon,
RENATER I
> can see:
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (required)
> >
> > It illustrates different approaches around the world how to
> express
> > optional ePTID release
> > in SP metadata and a challenge for one appropriate SP
> metadata in
> > eduGAIN serving globally.
> > To me
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (optional)
> > seems as the most appropriate.
> >
> > Cheers
> > Jiri
> >
> >
> > 1.
> >
>
https://met.refeds.org/met/entity/https%253A%252F%252Fsdauth.sciencedirect.com%252F/
> >
>
<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmet.refeds.org%2Fmet%2Fentity%2Fhttps%25253A%25252F%25252Fsdauth.sciencedirect.com%25252F%2F&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761630378%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=HmuCXxy9%2F1bQBVkGnsrbBcRmNJP9DsiETfB4g6uP0L4%3D&reserved=0>
> >
> >
> >
> > On Mon, Mar 15, 2021 at 12:01 PM Koren, Meshna (ELS-AMS)
> > <M.Koren at elsevier.com <mailto:M.Koren at elsevier.com>
> <mailto:M.Koren at elsevier.com <mailto:M.Koren at elsevier.com>>> wrote:
> >
> > Please allow me to add something to this discussion. ____
> >
> > __ __
> >
> > "The university students and staff are free to use
> > personalisation at Lexis Nexis,
> > Elsevier, EBSCO, ProQuest services if they want to so
> > eduPersonScopedAffiliation (required)
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (optional)..."
> >
> > ____
> >
> > The students and staff can only use personalization when
> the IdP
> > releases ePTID (or pairwiseID), otherwise they can't. I
> am not
> > sure that this is clear from the metadata nor that the
> labels we
> > use to describe the required attributes are very clear
> on what
> > 'optional' means.____
> >
> > __ __
> >
> > For example, when a student accesses ScienceDirect they
> can read
> > subscribed articles whether or not ePTID has been
> released for
> > them, but if they want to 'create account' because they
> would
> > like to save searches, alerts or their search history,
> they can
> > only do that if the IdP has released a persistent
> identifier for
> > them. Otherwise they can't, because there's nothing
in their
> > SAML assertions that allows us to recognize the returning
> > individual. So we are working towards requiring a
> persistent ID.
> > The personalization remains optional for the user.____
> >
> > __ __
> >
> > That may not be the same for other SPs, but it is
valid for
> > Elsevier. ____
> >
> > __ __
> >
> > Kind regards,____
> >
> > Meshna____
> >
> > __ __
> >
> > __ __
> >
> > *__ __*
> >
> > *Meshna Koren**____*
> >
> >
> > /Product Manager II____/
> >
> > */Product Management - Identity and Access/**/-
/**/Research
> > Products/**/____/*
> >
> > */__ __/*
> >
> > */Elsevier BV/*/____/
> >
> > /Radarweg 29, Amsterdam 1043 NX, The Netherlands____/
> >
> > /m.koren at elsevier.com <mailto:m.koren at elsevier.com>
> <mailto:m.koren at elsevier.com <mailto:m.koren at elsevier.com>>____/
> >
> > /__ __/
> >
> > /Federated Access - SAML, Shibboleth, Corporate SSO,
> OpenAthens,
> > Institutional Login____/
> >
> > /__ __/
> >
> > /Elsevier Access Support Center:
> >
>
https://service.elsevier.com/app/answers/list/c/10543/supporthub/elsevieraccess/
> >
>
<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fservice.elsevier.com%2Fapp%2Fanswers%2Flist%2Fc%2F10543%2Fsupporthub%2Felsevieraccess%2F&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761640371%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=s2nQIh1Mocby%2Fnr0uG61jf%2Fg%2FWgqr%2FfHj6MhuH5sHHs%3D&reserved=0>____/
> >
> > /for your questions about which access methods does
Elsevier
> > support, how to set them up, how do they work for
> users...____/
> >
> > /__ __/
> >
> > __ __
> >
> > __ __
> >
> > __ __
> >
> > __ __
> >
> > __ __
> >
> > *From:* FIM4L <fim4l-bounces at lists.daasi.de
> <mailto:fim4l-bounces at lists.daasi.de>
> > <mailto:fim4l-bounces at lists.daasi.de
> <mailto:fim4l-bounces at lists.daasi.de>>> *On Behalf Of *Jiri Pavlik
> > *Sent:* Sunday, March 14, 2021 15:28
> > *To:* Bernd Oberknapp <bo at ub.uni-freiburg.de
> <mailto:bo at ub.uni-freiburg.de>
> > <mailto:bo at ub.uni-freiburg.de
> <mailto:bo at ub.uni-freiburg.de>>>
> > *Cc:* fim4l at lists.daasi.de <mailto:fim4l at lists.daasi.de>
> <mailto:fim4l at lists.daasi.de <mailto:fim4l at lists.daasi.de>>
> > *Subject:* Re: [Fim4l] LexisNexis Advance____
> >
> > __ __
> >
> > **** External email: use caution ****____
> >
> > ____
> >
> > Hi Bernd,
> >
> > I see,
> > eduPersonScopedAffiliation (required)
> > eduPersonEntitlement (required)
> > is working for Freiburg University and
> > eduPersonScopedAffiliation (required)
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (required)
> > is not.
> >
> > The university students and staff are free to use
> > personalisation at Lexis Nexis,
> > Elsevier, EBSCO, ProQuest services if they want to so
> > eduPersonScopedAffiliation (required)
> > eduPersonEntitlement (required)
> > eduPersonTargetedID (optional)
> > is working for the University as well.
> >
> > Is it correct?
> >
> > All the best
> >
> > Jiri____
> >
> > __ __
> >
> > ____
> >
> > On Sat, Mar 13, 2021 at 2:40 PM Bernd Oberknapp
> > <bo at ub.uni-freiburg.de
> <mailto:bo at ub.uni-freiburg.de> <mailto:bo at ub.uni-freiburg.de
> <mailto:bo at ub.uni-freiburg.de>>>
> > wrote:____
> >
> > Hi Jiri,
> >
> > On 13.03.21 09:15, Jiri Pavlik wrote:
> >
> > > When checking ProQuest SP for ProQuest
> Central
> > in DFN-AAI metadata [1]
> > > I can see both eduPersonEntitlement and
> > eduPersonTargetedID as required
> > > attributes.
> >
> > I assume you mean the SP
> > https://shibboleth-sp.prod.proquest.com/shibboleth
> >
>
<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fshibboleth-sp.prod.proquest.com%2Fshibboleth&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761640371%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=bosxymzT3WPyXBdeX0NnT5AvLDmTecE%2BEbZe6krDBwk%3D&reserved=0>?
> > That's obviously
> > wrong, both eduPersonScopedAffiliation and
> > eduPersonEntitlement are
> > supported for authorization, but as far
as I can
> > tell you don't have to
> > use them, and eduPersonTargetedID isn't
> required.
> >
> > > Is it safe to assume that if there is
> > personalisation capability at a
> > > library service then all German
> universities,
> > libraries are fine with
> > > releasing eduPersonTargetedID for
> recognising
> > returning users and
> > > eduPersonEntitlement,
> eduPersonScopedAffiliation
> > for authorisation?
> >
> > No. I can't speak for other IdPs, but in my
> opinion
> > that approach would
> > be wrong, users by default should be able
to use
> > services anonymously,
> > without being recognized as a returning
> user. Based
> > on what I can see in
> > the admin tools, only a very small
> percentage of our
> > users actually uses
> > the personalization features, so releasing
> > eduPersonTargetedID by
> > default just for personalization isn't an
> option. If
> > publishers would
> > force us to send an eduPersonTargetedID
just for
> > personalization I would
> > consider dropping Shibboleth for those
> publishers
> > and using our EZproxy
> > instead.
> >
> > Best regards,
> > Bernd
> >
> > --
> > Bernd Oberknapp
> > Gesamtleitung ReDI
> >
> > Albert-Ludwigs-Universität Freiburg
> > Universitätsbibliothek
> > Platz der Universität 2 | Postfach 1629
> > D-79098 Freiburg | D-79016 Freiburg
> >
> > Telefon: +49 761 203-3852
> > Telefax: +49 761 203-3987
> > E-Mail: bo at ub.uni-freiburg.de
> <mailto:bo at ub.uni-freiburg.de>
> > <mailto:bo at ub.uni-freiburg.de
> <mailto:bo at ub.uni-freiburg.de>>
> > Internet: www.ub.uni-freiburg.de
> <http://www.ub.uni-freiburg.de>
> >
>
<https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.ub.uni-freiburg.de%2F&data=04%7C01%7Cjos.westerbeke%40eur.nl%7C79db2eedf41a41cdeec208d8e7ba85c2%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637514136761650360%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=eLOZmpzI51ttj9vd4uSNyCcFAAxIPZKUWoSATsoVq1k%3D&reserved=0>____
> >
> >
> >
>
------------------------------------------------------------------------
> >
> > Elsevier B.V. Registered Office: Radarweg 29, 1043 NX
> Amsterdam,
> > The Netherlands, Registration No. 33158992, Registered
> in The
> > Netherlands.
> >
> >
> > _______________________________________________
> > FIM4L mailing list
> > FIM4L at lists.daasi.de <mailto:FIM4L at lists.daasi.de>
> > http://lists.daasi.de/listinfo/fim4l
> >
>
>
> --
> Bernd Oberknapp
> Gesamtleitung ReDI
>
> Albert-Ludwigs-Universität Freiburg
> Universitätsbibliothek
> Platz der Universität 2 | Postfach 1629
> D-79098 Freiburg | D-79016 Freiburg
>
> Telefon: +49 761 203-3852
> Telefax: +49 761 203-3987
> E-Mail: bo at ub.uni-freiburg.de <mailto:bo at ub.uni-freiburg.de>
> Internet: www.ub.uni-freiburg.de <http://www.ub.uni-freiburg.de>
>
> _______________________________________________
> FIM4L mailing list
> FIM4L at lists.daasi.de <mailto:FIM4L at lists.daasi.de>
> http://lists.daasi.de/listinfo/fim4l
>
--
Bernd Oberknapp
Gesamtleitung ReDI
Albert-Ludwigs-Universität Freiburg
Universitätsbibliothek
Platz der Universität 2 | Postfach 1629
D-79098 Freiburg | D-79016 Freiburg
Telefon: +49 761 203-3852
Telefax: +49 761 203-3987
E-Mail: bo at ub.uni-freiburg.de
Internet: www.ub.uni-freiburg.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5627 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.daasi.de/pipermail/fim4l/attachments/20210315/cba9f6a6/attachment-0001.p7s>
More information about the FIM4L
mailing list