↓ Archives ↓

6.9.1 Current Authentication and Authorization mechanisms

The Open University uses two main authentication and authorization mechanisms to provide access to library resources such as ejournals, ebooks and online databases. These are:

There are also a few resources (approximately 45 as of 23/2/2010) which have resource specific usernames and passwords. The details of these are made available through a web page that is only accessible by members of the Open University.

When providing links to users, the library generally provides links that work equally well for on- and off-campus users. The usually means directing links via EZProxy.

As an example, the URL for the resource “19th Century British Newspapers” (provided by Gale Cengage Learning) is:

http://find.galegroup.com/bncn

This would work for an on-campus user, as the product would recognize the IP address of the requester as being a valid Open University IP address. However, this would not work effectively from off-campus. For this reason the link provided by the library would be:

http://libezproxy.open.ac.uk/login?url=http://find.galegrou.com/bncn

Following this link will prompt the user to login to the Open University’s EZProxy service using their ‘SAMS’ (Standard Access Management System) username and password. This is the same username and password used to sign-in to many Open University services, including the course website (Moodle).

If the user has already signed in to the EZProxy service during the same browser session, they will not be prompted again, so after the first login, access for the user will be seamless.

As login via EZProxy does not include any personal details of the user, it is not appropriate for resources which require some level of ‘personal’ account. Many of these resources support Open Athens authentication, and the Open University uses Open Athens LA (Local Authentication) for this type of resource where possible. Open Athens LA allows users to access Athens authenticated resources while using an institutional username and password. At the Open University the login required is once again the SAMS username and password, and the login screen is the same as is presented when logging into the EZProxy service.

An example of a resource generally accessed via Open Athens LA is RefWorks, where it is necessary for the user to access a personal account. As with resources accessed using EZProxy, the library provided link is designed to take the user directly to the login page, before passing the user onto the resource, once authentication has taken place.

The other situation that might result in the use of Open Athens LA to sign-in to an online resource is where an off-campus user uses the resource using a link not provided by the library. For example, if the user were to find the RefWorks login page via the RefWorks homepage, rather than via a library provided link. In this case the user would see a number of login options, and would need to navigate to the ‘Athens’ login option to successfully authenticate. This can be a convoluted process, varies between resources, and often leads to confusion on the part of the user.

No Comment

Leave a Reply

Sorry, comments are closed.