[WEB4LIB] Remote Access Solution?

[Andrew Mutch]

Thanks to Dan and Bill Jenkins for clarifying this issue for me. I didn't realize
that EZProxy was also capable of managing that element of the process. It sounds
like it will let me do everything that the staff wants for remote access. Imagine
that! Now I can see why so many of the EZProxy users have sung its praises.

Andrew Mutch
Library Systems Technician
Waterford Township Public Library
Waterford, MI

Dan Lester wrote:

> Tuesday, July 16, 2002, 3:17:03 PM, you wrote:
>
> AM> 1) A single point of authentication
>
> Yes.
>
> AM> 2) Authentication wouldn't be required until the patron actually
> AM> selected a database to access. It was felt that the current process
> AM> doesn't give patrons any kind of information before
> AM> asking them for their barcode number. In the ideal case, patrons
> AM> would get an idea of what they are getting before having to authenticate.
>
> Absolutely.  Look at   http://library.boisestate.edu/indexes/
>
> AM> 3) Once a patron authenticates for one database, they should not have to
> AM> authenticate again in the same session.
>
> They don't have to.  Once they've authenticated to EZProxy they're OK
> until they close the browser.  EZProxy handles the cookies.
>
> AM> 4) Only use a single set of pages. I don't want to have to maintain
> AM> two sets of pages, one for use in the library and one for use outside
> AM> the library, if I can help it.
>
> You won't.  We have one page for the list of indexes, cited
> above.  We have one authentication page.  Contact me off list and I'll
> give you a logon that will work for access to these so you can test it
> out and see if it doesn't do what you want.
>
> AM> Items 1, 2 and 4 don't appear to be that difficult to achieve. I can
> AM> think of two approaches for having one set of pages handle in-house and
> AM> remote users:
>
> AM> A) Use EZProxy to allow all users to appear as if they are accessing
> AM> the databases locally. I have a license for EZProxy so this is an
> AM> option. One issue I haven't figured out is how to
> AM> keep out unauthorized users.
>
> Within the library anyone can use the system.  For outside your IP
> range they have to authenticate, using whatever scheme works for you.
> We have a simple list of ID number and Phone number pairs that are
> extracted from our patron database.  It is a flat text file of the
> form:
> 12345654:1234
> 34568987:4567
>
> AM> B) Use an IP detection script on each link that would either pass
> AM> the user along to the appropriate database or send them to the
> AM> authentication page.
>
> EZProxy does all that for you.
>
> AM> The trick here for me is #3. Once I have authenticated a user,
> AM> how do I keep them from having to authenticate more than once?
> AM> I'm guessing that the solution to this is setting a session
> AM> cookie that gets checked in some way. But I haven't done anything
> AM> with cookies in this way. Or maybe there is a better way to do this?
> AM> I'm sure there is a way to have my cake and eat it
> AM> too. I just don't know where I should be directing my efforts here.
>
> Again, EZProxy does it all for you.
>
> If those of us up in the deserts of Idaho can do it, I'm sure you can
> too.  Really simple.  Contact me off list if you want more info.
>
> cheers
>
> dan
>
> --
> Dan Lester, Data Wrangler  dan at RiverOfData.com 208-283-7711
> 3577 East Pecan, Boise, Idaho  83716-7115 USA
> www.riverofdata.com  www.gailndan.com  Stop Global Whining!