Access Control, Anyone?

James Cayz cayz at del-aware.lib.de.us
Wed Feb 26 15:21:34 EST 1997 

All,

	With Boston and all that noise about "Content Control", I figured
I would shift (grind?) gears and bring up the question of "Access
Control".  I have rattled this around Delaware, and the dynix_l newsgroup,
and maybe someone _here_ on web4Lib can help with.... 

	What do PUBLIC libraries do with respect to authentication of
users of public internet access?  In-library, dial-up, remote access to
licensed databases (ala patron using AOL), etc.

	Two issues that I am facing are:
	1) Patrons who use AOL, or other ISP's wanting to access databases
we have licensed (which are Web-based, at the vendors' sites.)
	2) Logging / Identifying in-library patrons using the internet who
might abuse other systems / people by using "writable" programs such as
e-mail or telnet.

	Suggestions of "just don't do that" will be accepted, but not
considered helpful :-) :-).


	Now, to make things more interesting....

	I have built a state-wide, client-server based authentication
system that works fine for centralized services, where I can write a shell
that prompts for a barcode before giving the user access to lynx or vista
databases, but myself and several other vendors / libraries are looking
for a set of similar solutions that work in the GUI environment, as
described above. 

	My IDEAL scenario to solve #1 would be a web page that validates a
barcode & PIN  (easy), and then does a re-direct to a special page at the
vendors site (also easy), and maybe sends a cookie for verification (maybe
not so easy).  So, it sounds easy... Anyone doing this with a vendor now?
 
	For #2, I'm looking for a front end Windows 3.1 -> NT compatible
program that verifies information supplied by the user, using a remote
host database lookup, and if successful, logs information, time & date,
and sub-launches another program (call it "browserX"). But if the PC goes
idle for a preset time, kill browserX, and start over.  Of course, this
would best be "off-the-shelf", but.... 

	I hope that someone out there has already "been there, done that",
and willing to share experiences.

	I _will_ summarize back to the group.

	Thanks in Advance

	James Cayz

+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+
[ James Cayz: cayz at lib.de.us  # Voice 302-739-4748 x130 / Fax 302-739-6948 ]
[ Delaware Division of Libraries # 43 S. DuPont Hwy / Dover, DE 19901-7430 ]
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+

More information about the Web4lib mailing list