Hi David,
Thank you for your
inquiry. I provided answers to your questions below. If you are interested in
starting the federation setup process for InCommon Shibboleth access, I've
attached our overview document.
Please let me know how
you would like to proceed and if you have any additional questions. I look
forward to hearing from you.
Best regards,
- Tilla
1. What
are the minimum attributes you require from an Identity Provider for basic
Shibboleth authentication? [Edmunds, Tilla (TS USA)] We require at least one attribute which can be blank, if
applicable. (See the setup form for reference - http://science.thomsonreuters.com/info/shibbolethsetup/)
2. What additional services, if any, do you provide through
Shibboleth beyond basic login, for example, personalization. If you do provide
additional services, what is required to enable them? [Edmunds,
Tilla (TS USA)] We currently support Shibboleth for basic access
authentication for Web of Knowledge and registration for Endnote Web. Our
current support does not log the user into a personalized session but we are
looking to do that in a future release.
3. Do you support "WAYFless" access, that is, access
that does not require a user to identify where they are from in order to reach
his or her local authentication system? [Edmunds,
Tilla (TS USA)] This will be supported in the release due
out this month.
4. Do you support direct Shibboleth-authenticated links to
resources? [Edmunds, Tilla (TS USA)] Not at this time.
5. Who should libraries contact if they want to set up Shibboleth
access to your site or if they have questions or problems? [Edmunds,
Tilla (TS USA)]
Federation Setup - Tilla Edmunds
(administrative),
and Chris Ireland (technical),
Member Setup - Form http://science.thomsonreuters.com/info/shibbolethsetup/
; TS Web Entitlements (questions/issues),
• • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• •
Mathilda Edmunds
Manager, Product Development
Research Software
Healthcare & Science
Thomson Reuters
O +1 215 823 6175
F +1 215 387 4706
thomsonreuters.com
scientific.thomsonreuters.com
This email is for the sole
use of the intended recipient and contains information that may be privileged
and/or confidential. If you are not an intended recipient, please notify
the sender by return email and delete this email and any attachments.
From: David Kennedy [mailto:]
Sent: Thursday, July 09, 2009 9:38
AM
To: Edmunds, Tilla (Scientific USA)
Cc:
Subject: Thomson Reuters and
InCommon Library Services Collaboration
Tilla,
I
am writing you on behalf of the InCommon Library Services Collaboration.
We
represent a group of research libraries who are working to expand the use of
Shibboleth among members of the InCommon federation. As part of that effort, we
are gathering information from vendors about how they have implemented
Shibboleth. By making this information more accessible, we hope to make it
easier for libraries to use the technology. We also would like to help develop
common practices among vendors that would simplify the implementation process
for everyone involved and make Shibboleth an attractive option for users.
We
think that expanding the use of Shibboleth will help you in various ways:
1. Provide a more secure means of access than IP authentication.
2. Provide better tools for identifying who is responsible when breaches
occur.
3. Make it possible for users to take advantage of personalized features
on a site without requiring them to open a local account maintained by the
vendor.
4. Help to start moving away from IP-based authentication and the
overhead it requires.
We
ask that you answer the following questions, as they relate to your products
and services:
1. What are the minimum attributes you require from an Identity Provider
for basic Shibboleth authentication?
2. What additional services, if any, do you provide through Shibboleth
beyond basic login, for example, personalization. If you do provide additional
services, what is required to enable them?
3. Do you support "WAYFless" access, that is, access that does
not require a user to identify where they are from in order to reach his or her
local authentication system?
4. Do you support direct Shibboleth-authenticated links to resources?
5. Who should libraries contact if they want to set up Shibboleth access
to your site or if they have questions or problems?
We
appreciate your willingness to help us in this effort.
David
Kennedy, Duke University
Adam
Chandler, Cornell University
Andy
Ingham, University of North Carolina, Chapel Hill
Jonathan
Lavigne, Stanford University
Kent
Percival, University of Guelph
Joy
Veronneau, Cornell University
Jason
Zavar, OCLC
Fred
Zhang, Michigan State University
Foster
Zhang, Johns Hopkins University
[please send response email to
]
-----
David Kennedy
Systems Programmer
Perkins Library, Duke
University
(919) 613-6831
