Encrypting EZProxy + SIP2 authentication

From: Jane Sandberg <sandbej_at_nyob>
Date: Fri, 23 Jan 2015 10:24:30 -0800
To: CODE4LIB_at_LISTSERV.ND.EDU

Hi all,

I'd like to have our EZProxy server authenticate users using SIP2,
which is totally supported and documented here:
http://www.oclc.org/support/services/ezproxy/documentation/usr/sip.en.html.

However, I am not enthusiastic about sending unencrypted patron login
information over Telnet or raw sockets, and neither is our ILS
sysadmin.  I'd like to figure out a way to perform the SIP2
authentication/authorization check over SSH, but am not quite sure how
best to do that.  Do either of these approaches make sense?

* Installing stunnel on the EZProxy server to encrypt the outgoing and
incoming SIP2 traffic.

* Writing a custom external script that would handle the whole auth
process: SSHing into our SIP server and seeing if the user is legit.
Here's what EZProxy has to say about this type of option:
http://www.oclc.org/support/services/ezproxy/documentation/usr/external.en.html
-- I'd have to write some code to handle the SIP auth rather than
using EZProxy's built-in option, but my ILS has pretty good
documentation for its SIP implementation.

Am I missing some simpler option?  Our EZProxy is running on a Windows
machine, by the way, and we use Evergreen as our ILS.  I'd love any
advice or suggestions that you seasoned EZProxy experts can share.

Appreciatively,

  -Jane

-- 
Jane Sandberg
Electronic Resources Librarian
Linn-Benton Community College
sandbej_at_linnbenton.edu / 541-917-4655
Received on Fri Jan 23 2015 - 13:28:13 EST
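
Added example, not part of the message above and not EZProxy or Evergreen code: the SIP2 side of the custom-script option in Python. It builds the 93 Login and 23 Patron Status requests with error detection, and accepts a patron only when the 24 response passes its checksum and reports BL=Y and CQ=Y. It assumes the SIP2 server is reachable through a TLS listener (for example stunnel in server mode on the ILS host); all function names, hosts and credentials are hypothetical.

```python
import socket, ssl, time

def frame(body, seq=0):
    """Append SIP2 error detection (AY<seq>AZ<checksum>) and the CR terminator."""
    msg = f"{body}AY{seq}AZ"
    checksum = -sum(msg.encode("ascii")) & 0xFFFF   # 16-bit two's complement of byte sum
    return f"{msg}{checksum:04X}\r"

def checksum_ok(msg):
    msg = msg.strip("\r\n")
    if len(msg) < 6 or msg[-6:-4] != "AZ":
        return False
    try:
        return (sum(msg[:-4].encode("ascii")) + int(msg[-4:], 16)) & 0xFFFF == 0
    except ValueError:                              # bad hex digits or non-ASCII bytes
        return False

def login_request(user, password):
    return frame(f"9300CN{user}|CO{password}|", 0)  # 93 Login, no field encryption

def patron_status_request(institution, barcode, pin, now=None):
    if any(c in value for value in (barcode, pin) for c in "|\r\n"):
        raise ValueError("delimiter in patron input")  # blocks SIP2 field injection
    stamp = time.strftime("%Y%m%d    %H%M%S", now or time.localtime())
    return frame(f"23000{stamp}AO{institution}|AA{barcode}|AC|AD{pin}|", 1)

def patron_is_valid(response):
    """True only if a 24 response passes its checksum and reports BL=Y and CQ=Y."""
    response = response.strip("\r\n")
    if not response.startswith("24") or not checksum_ok(response):
        return False
    # Fixed part: "24" + 14 status flags + 3 language + 18 date = 37 characters.
    fields = {f[:2]: f[2:] for f in response[37:].split("|") if len(f) >= 2}
    return fields.get("BL") == "Y" and fields.get("CQ") == "Y"

def _exchange(sock, msg):
    sock.sendall(msg.encode("ascii"))
    buf = b""
    while b"\r" not in buf and (chunk := sock.recv(4096)):
        buf += chunk
    return buf.decode("ascii", "replace")

def check_patron(host, port, sip_user, sip_pw, institution, barcode, pin):
    ctx = ssl.create_default_context()   # verifies the server certificate and hostname
    with socket.create_connection((host, port), timeout=10) as raw, \
         ctx.wrap_socket(raw, server_hostname=host) as tls:
        if not _exchange(tls, login_request(sip_user, sip_pw)).startswith("941"):
            return False                 # 94 response with ok=1 means login accepted
        return patron_is_valid(_exchange(tls, patron_status_request(institution, barcode, pin)))
```

How the True/False result is reported back to EZProxy depends on its external-script interface, documented at the OCLC link in the message.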