April 11, 2006
The Ex Libris™ Group is pleased to announce that the Patron Directory Services (PDS) module was successfully Shibbolized by a number of MetaLib® customers in Finland, the US, and the UK. Shibbolizing PDS — adjusting the service to enable access via Shibboleth* — provides a seamless single sign-on (SSO) environment for MetaLib users.
Ex Libris has been involved in the Internet2/MACE (Middleware Architecture Committee for Education) Shibboleth project from its inception. The Companys first integration project, which began in 2001, explored the feasibility of context-sensitive linking within the Shibboleth framework. The result of this effort established the Ex Libris SFX® link resolver as a Shibboleth target. The knowledge and experience gained since this initial trial provided a good foundation for the Companys recent PDS/Shibboleth integration work with MetaLib at the National Library of Finland (FinELib), the University of Maryland and Affiliated Institutions (USMAI) in the US, and the University of Newcastle upon Tyne in the UK.
Each of the MetaLib customers mentioned above implemented Shibboleth to meet the unique requirements of its institution. The general implementation of PDS/Shibboleth for MetaLib user authentication at FinELib and USMAI is similar whereas the integration at the University of Newcastle differs slightly. At Newcastle, a user with a Shibboleth session is automatically logged in to MetaLib – SSO is fully configured – while users who do not have a Shibboleth session access MetaLib as guests. At FinELib and USMAI, users access MetaLib as guests with Shibboleth authentication invoked only after a subsequent login request by the user.
The Finnish higher education institutes chose Shibboleth over LDAP and other authentication mechanisms for its security and use of well-known protocols and standards, explain Ari Rouvari, Portal Project Manager, and Ere Maijala, Portal Systems Analyst, at Nelli Portal—The Finnish National Electronic Library Interface. Shibboleth is open and can be integrated into a wide variety of backend systems. It is also fairly easy for our customers to implement. After the organization has implemented the Identity Provider and joined the federation, we only need a few minutes to turn on Shibboleth for the organization in Nelli Portal. Shibbolizing Nelli has been an interesting experience and the cooperation with Ex Libris has been rewarding. It is good to see this new technology work so well in a live environment and benefit end users as well as administration.
We are also Shibbolizing the library catalogs and other services to provide users seamless transition from one service to another, they add.
Dr. Charles Lowry, Dean of Libraries at the University of Maryland outlines: “Shibboleth authentication offers the opportunity for us to simplify the life of the patron while at the same time protecting IP rights and assuring that the users are who they say they are. In some measure this is the technological equivalent of cutting the Gordian knot. It is a long needed means of mimicking the first authenticated networks at Stanford, MIT, and Carnegie Mellon, developed in the early days of distributed computing.”
Ex Libris continues to see the importance of the Shibboleth initiative as it offers a standards-based, scalable solution to a challenge that many institutions face, asserts Oren Beit-Arie, Chief Strategy Officer at Ex Libris. We appreciate the collaborative efforts and contributions of FinELib, USMAI, and the University of Newcastle upon Tyne in our recent projects – we have greatly benefited from their participation. We are pleased to see the resulting PDS/Shibboleth integration with MetaLib now deployed in real-life environments, including two large-scale consortia. As we learned from institutions, integrating Shibboleth with existing library services and institutional infrastructure can present challenges, and we hope that these successful implementations will provide good input for other institutions to follow. We remain committed to the Shibboleth initiative and look forward to further deployments in other MetaLib institutions.
Shibboleth is an Internet2/MACE (Middleware Architecture Committee for Education) initiative to develop an open, standards-based solution to meet the need for organizations to exchange information about their users in a secure and privacy-preserving manner. Shibboleth provides a framework for establishing a single sign-on environment where all applications are able to communicate with a central service, under the control of the institution, in order to gain authentication details. Through the Shibboleth architecture, each application can query the users authentication and authorize them to use the specific functionality, or in MetaLibs case, search the specific resources which their permissions allow.
For additional information on Shibboleth, please see: http://shibboleth.internet2.edu/
About Ex Libris:
Ex Libris is a leading worldwide developer and provider of high-performance applications for libraries, information centers, and researchers. ALEPH® 500, the Ex Libris integrated library solution, has been installed at over 1500 sites in 62 countries. MetaLib, the information portal for library collections, and SFX, the context-sensitive linking solution for heterogeneous electronic resources in the scholarly information environment, have collectively been purchased by more than 900 institutions in 36 countries. DigiTool®, a solution for the construction of digital collections, and Verde®, the electronic resource management (ERM) system, complete the Ex Libris product suite.