federated access management 2

Mon, Oct 6, 2008

We’ve wrapped up the FAM#1 project, which was brought forward to deal with the funding being withdrawn for the Shibboleth to Athens Gateway, which allowed us to access electronic resources held within Athens using our UHI credentials. We closed that project in August after the selected resources went live in the UK Access Management Federation and the librarians were pleased with the results. So last Friday, myself, Elizabeth and Tony met in Inverness to work on the FAM#2 project plan.

Elizabeth and Tony

The current situation is shown below, where at the moment we access EDINA and MIMAS resources via the UK Federation, directly via Shibboleth, while we still access resources such as those hosted on the EBSCOHost platform indirectly via Shibboleth and OpenAthens. The main difference is the resources in OpenAthens all share the same Service Provider (SP), the Shibboleth to Athens Gateway, which is now an integral part of OpenAthens, while the resources in the federation are directly accessible as SPs in their own right.

Overview of mixed access to resources

So the FAM#2 project’s primary goal is to support the migration of all our electronic resources from OpenAthens (which we pay for) to the JISC funded UK Access Management Federation (which we don’t have to pay for). This is dependent on suppliers shibboleth enabling their resources so there are no fixed milestones for individual resources. It also means it’s almost impossible to know when a resource will be migrated as it depends on two things:

  • When the supplier adds shibboleth functionality to the resource.
  • Whether the resource has user personalisations to be migrated.
The former is out of our hands, while the latter often requires some middleware to be developed, as in the case of RefWorks, where we need to develop a web services client to migrate personalisations from “Athens accounts” to “shibboleth accounts”. This is where the middleware used to access the resources makes its presence felt, despite the fact that middleware should never be visible to users. If it is, its broken. So to maintain continuity of access, we have to do some middleware glue to hide the main middleware from the users. Not a bad thing and certainly interesting. Talk of middleware does have a strange effect on people though:

T and E

As the project will run for a year, we’re going to iteratively produce migration bundles, which will consist of the following:

  • A set of electronic resources that are shibboleth enabled, ready to be moved from OpenAthens.
  • A set of documentation on how to access the selected resources via the federation.
  • A set of test results showing that the resources are accessible from all partner sites.
Categories = [

comments powered by Disqus