Hi there,
It's exciting to hear that OpenAthens integration is in the works! We
have several libraries that will be very interested. Thanks also for
the detailed proposal and documentation.
I have a couple of questions. The proposal seems to assume that
Evergreen will be the authoritative identity provider, but I think that
often won't be the case for OpenAthens customers. Suppose I'm at a
post-secondary institution that uses a centralized Active Directory
service for single sign-on. I want students to use their SSO
credentials to be able to login to library resources including online
databases and the Evergreen OPAC, so ideally OpenAthens would
authenticate against my institution's Active Directory, not against
Evergreen. The development proposal says that resource-initiated login
must be delegated to Evergreen, which sounds like users would be
authenticated against EG instead of Active Directory. Am I
understanding correctly?
The proposal also says that only a single OpenAthens domain is allowed
for an entire Evergreen consortium. Are there technical limitations
that make this necessary? There will be cases where multiple libraries
sharing the same Evergreen instance will want to have their own
independent OpenAthens setup, but it sounds like the proposal precludes
that.
Thanks again! I'm looking forward to seeing where this goes.
Jeff Davis
BC Libraries Cooperative
On 2019-09-02 3:06 a.m., Julian Clementson wrote:
Hello everyone,
I'd like to introduce a new feature proposal and ask for your feedback.
Launchpad link - https://bugs.launchpad.net/evergreen/+bug/1842297
The feature will provide integration between Evergreen and OpenAthens, a
global cloud-based single sign-on service.
The background is that the GALILEO Consortium of libraries in Georgia
has selected OpenAthens to deliver a state-wide solution for single
sign-on, and this contract includes integrating Evergreen into
OpenAthens, so that PINES patrons can seamlessly access
OpenAthens-authenticated resources.
The OpenAthens development team has been contracted to implement the
integration on behalf of GPLS, and I've been assigned as the lead
developer for the project. I demonstrated a proof of concept to selected
representatives of the Evergreen community and the PINES consortium back
in July. The aim is to get this feature accepted into an upcoming
release so that it is ready for PINES to start using towards the end of
the year.
I have now documented the feature in detail on DocuWiki - see
https://wiki.evergreen-ils.org/doku.php?id=dev%3Aproposal%3Aopenathens_integration
I have also published the proposed code changes and documentation,
subject to community review of course - see
https://github.com/openathens/Evergreen/commit/ed85f8f82795e4439315e897438d75e99e0e7cde
I welcome feedback and discussion, so as to improve the feature
description and get the code into a state where the community is happy
to accept it.
Thank you and kind regards,
Julian
─────
*Julian Clementson*
Full stack software engineer
*T*
+44 (0)20 3998 9178
*W*
openathens.org <https://openathens.org/>
Open Athens
────────────
OpenAthens is a Jisc enterprise. Jisc is a registered charity (number
1149740) and a company limited by guarantee which is registered in
England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc's
registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T
0203 697 5800.
