Fri, Nov 11, 2005
As we’re live through the Athens Shibboleth Gateway, we put a link to My Athens in our development CLAN and started testing the gateway. In principle, it’s a great idea, using your UHI Identity to authenticate to Athens resources. Too good to be true? Unfortunately yes. Here’s what we found.
Summary Once you’ve found your institution and authenticated at your IdP, you’re then redirected seamlessly to the list of resources. However, it’s not obvious how you search in the first place. There’s no information on the My Athens page on how to use the gateway.
Summary A definite non starter due to the dead end page. If the cookie isn’t set, a user will be lead down the path to the resource list and dumped in the middle of electronic nowhere.
Summary The easiest way to access an Athens resource through the gateway, though providing a redirection service for staff to construct user friendly URLs is advised.
Summary It’s a showstopper for us.
So, what are our conclusions? We can live with linking to resources directly but the cookie problem means we can’t offer this as a production service. The word on the street is it will probably be a temporary issue as more and more resources as gateway enabled. However, I think it’ll be a problem for a long time yet as even some of our resources which are advertised as gateway enabled and are visible in the list of resources through the gateway, are not in fact gateway enabled. More confusion for our users.
Local authentication is definitately the way ahead though and we await developements at Eduserve with baited breath.