inc-librsvcs - Re: [inc-librsvcs] Authentication plus authorization in EZproxy

Subject: InCommon Library Services

List archive

Re: [inc-librsvcs] Authentication plus authorization in EZproxy

From: Rich Wenger <>
To:
Cc: inc-librsvcs <>
Subject: Re: [inc-librsvcs] Authentication plus authorization in EZproxy
Date: Fri, 03 Apr 2009 15:01:53 -0400

wrote:

Ultimately, the vendor has to decide whether or not to let the user in. In this case, the vendor may be configured to ONLY accept requests from the IP address of your EZP server (rather than any address on the MIT network). That's their access control policy. And if I can figure out a way around it, then I'm into their service....

You're helping them.... and doing a good job of it. But, ultimately, it still their problem and responsibility....

Not if we've signed a license contract that commits us to a good-faith effort to control access,
which is the situation we are in with some vendors. It's not clear to me where the leverage
to force changes on the vendors will come from.

Rich Wenger

Authentication plus authorization in EZproxy, Rich Wenger, 04/02/2009
- Re: [inc-librsvcs] Authentication plus authorization in EZproxy, David Kennedy, 04/02/2009
  - Re: [inc-librsvcs] Authentication plus authorization in EZproxy, Paul B. Hill, 04/02/2009
    - RE: [inc-librsvcs] Authentication plus authorization in EZproxy, Foster Zhang, 04/02/2009
    - Re: [inc-librsvcs] Authentication plus authorization in EZproxy, Steven_Carmody, 04/03/2009
      - Re: [inc-librsvcs] Authentication plus authorization in EZproxy, Rich Wenger, 04/03/2009
        
        Re: [inc-librsvcs] Authentication plus authorization in EZproxy, Tom Barton, 04/03/2009
        
        Re: [inc-librsvcs] Authentication plus authorization in EZproxy, Steven_Carmody, 04/03/2009
        
        Re: [inc-librsvcs] Authentication plus authorization in EZproxy, Rich Wenger, 04/03/2009

List archive

Re: [inc-librsvcs] Authentication plus authorization in EZproxy