Re: [CODE4LIB] Q: Discovery products and authentication (esp Summon)
Hi Jonathan, My library colleagues consider this to be an very important issue. For Primo, users must be authenticated by login or IP address for Web of Science results to be included from Primo Central, and they must be logged in for EBSCO results to be included (i.e. even on campus.) The Web of Science results are important for finding stuff we've purchased/subscribed to, there's a lot which is not otherwise covered by metadata in from the primary publishers or other sources. Journal articles in the EBSCO full text databases are well covered by Primo Central (as Ex Libris takes pains to point out) but stuff like market reports and country profiles aren't yet, and our librarians are keen for those results to be included. Rather than advertising the URL for the Primo search page, I came up with a way of putting a single search box on our library home page which, once a search has been submitted, checks whether the user is already logged into CAS (Single Sign-on) and if not asks the user to choose between logging in or continuing as a guest. A cookie's set to remember their choice. If they are logged in, or choose to log in, it redirects to a URL which makes Primo log in using CAS. Unfortunately it doesn't work 100% of the time, I think because the Ex Libris PDS (which is their own SSO system) complicates it so much that the query is sometimes lost from the URL during one of the many redirects. It hasn't caused any complaints, but it might be better to scrap the search box on the library home page and just have a link to Primo which does the login check first. Cheers, Laurence Lockton University of Bath UK Date:Wed, 24 Oct 2012 12:16:27 -0400 From:Jonathan Rochkind rochk...@jhu.edu Subject: Q: Discovery products and authentication (esp Summon) Looking at the major 'discovery' products, Summon, Primo, EDS ...all three will provide some results to un-authenticated users (the general public), but have some portions of the corpus that are restricted and won't show up in your results unless you have an authenticated user affiliated with customer's organization. So when we look around on the web for Summon and Primo examples, we can for instance do some sample searches there even without logging in or being affiliated with the particular institution. But we are only seeing a subset of results there, not actually seeing everything, since we didn't auth. But most of these examples I look at don't, in their UI, make this particularly clear. This leads to me wonder if, in actual use, even for customers who _could_ login to see complete results -- anyone ever does. So very curious to get an answer from any existing customers as to this issue. Do the end-users realize they will get more complete results if they log in? Do you have any numbers (or other info, even if not cold stats) on how many end-users choose to log in to see more complete results? If nobody ever authenticates to see more complete results then the subset available to un-authenticated users essentially _is_ the product, the extra stuff that nobody ever sees is kinda irrelevant, no? Anyone who is a current customer of Summon/Primo/EDS want to say anything on this topic? Would be helpful. --
Re: [CODE4LIB] Q: Discovery products and authentication (esp Summon)
On 10/24/12 8:58 PM, Ross Singer wrote: On Oct 24, 2012, at 6:06 PM, Gary McGath develo...@mcgath.com wrote: On 10/24/12 4:00 PM, Ross Singer wrote: On Oct 24, 2012, at 3:48 PM, Gary McGath develo...@mcgath.com wrote: With AJAX, a resource can be brought up by refreshing part of an existing page rather than as a whole new page. If the page is expecting, for example, a JPEG image, and the request for the image is redirected to a login page because it's restricted, then the page won't get back an image, but instead will get back the HTML for the login page. The HTML img tag can't do anything with this, and it will merely fail to display the image. What does this have to do with discovery interfaces? The issue is generic to any web application that has a mix of public and restricted resources and may encounter restricted ones at unexpected times, such as was being discussed with discovery interfaces. The discovery interface knows what is restricted. That's why it's saying you don't have access to them until you log in. Agreed. Also, why wouldn't your AJAX-enabled app be prepared for such an event? Are you asking how an AJAX-enabled application can handle such cases? No, I know how an AJAX-enabled application should handle such cases, I'm saying why, if you're implementing an AJAX-enabled application, why you think this would be an issue. Because I just don't see this being an issue. This has always been a tricky thing to explain; it's not just you, if that's any consolation. Someday I'll figure out how to make it clear on the first try. The point is that if a service redirects to a login page, it assumes the browser can display the login page. Normally this is true, but only if the resource would be delivered as a web page. AJAX components are received as elements, not pages. If you like, I can go into more detail off-list. This is really too much of a side technical issue to be worth taking up a lot of space on the list. I'm not sure this is the appropriate venue for getting into the technical details, and I've encountered the problem without having managed to implement a solution, but I'll briefly cover how I'd attack the problem. If the resource redirects to an HTML login page, the Ajax code can't make any sense of that, so it can't be prepared for such an event. Sure it can. I mean, no matter what, you're constrained by same origin policy, so any 'login' is going to be something local, so it seems pretty easy to account for. It's a matter of the difference between, for example, the src attribute of an img tag and a web page. Again, I don't want to turn this into a full-fledged programming discussion on-list. Bringing JSONP and CORS into the mix doesn't really change anything, as I can't imagine you're just blindly pulling in content from some external site. However, if the response has an HTTP code indicating that authentication is required, the Ajax error handler can dispatch on the code and dispatch an event which is handled at the page's top level, forcing the whole page to redirect to the login. This is doable but a bit messy and reduces the value of AJAX. Giving an indication that not all resources could be loaded and providing the option to log in is cleaner. AJAX isn't some magical potion that eliminates the need to plan and engineer your app. I don't think 'accounting for the web being a messy place' reduces the value of AJAX. It means you have to earn your keep. You know, as a professional software developer. I've been trying to respond to you seriously, but at this point you're really starting to sound like a troll. Addressing a technical issue by saying you have to earn your keep is no answer at all, particularly when you aren't paying me. There are lots of things everywhere (not just library-related) that require logins. The internet hasn't broken as a result. I'm afraid I don't understand how this relates to what I was discussing. Which goes back to how I don't understand what AJAX has to do with the fact that some things aren't, by default, being displayed in discovery interfaces. I didn't deny either of those points (though the Internet is always in a partly broken state). By require login, do you mean automatically redirect a request for a restricted resource to a login page? I find that's more the exception than the rule. Depends. There's tons of content that requires a login to see: stuff in VLEs; Facebook statuses; corporate intranets; Pinboard bookmarks; subscriber paywalls; etc. I think there's no end to the creative ways that developers and designers block public access to things. Then why are you so insistent on auto-redirect as the only way to do it? I can't check every one of the things you mention, but Facebook statuses in particular do _not_ auto-redirect to a login page. Perhaps you really don't understand the difference between auto-redirecting a resource to a login
[CODE4LIB] Crappy AJAX (was: [CODE4LIB] Q: Discovery products and authentication (esp Summon))
On Oct 25, 2012, at 6:46 AM, Gary McGath wrote: On 10/24/12 8:58 PM, Ross Singer wrote: On Oct 24, 2012, at 6:06 PM, Gary McGath develo...@mcgath.com wrote: On 10/24/12 4:00 PM, Ross Singer wrote: On Oct 24, 2012, at 3:48 PM, Gary McGath develo...@mcgath.com wrote: Also, why wouldn't your AJAX-enabled app be prepared for such an event? Are you asking how an AJAX-enabled application can handle such cases? No, I know how an AJAX-enabled application should handle such cases, I'm saying why, if you're implementing an AJAX-enabled application, why you think this would be an issue. Because I just don't see this being an issue. This has always been a tricky thing to explain; it's not just you, if that's any consolation. Someday I'll figure out how to make it clear on the first try. The point is that if a service redirects to a login page, it assumes the browser can display the login page. Normally this is true, but only if the resource would be delivered as a web page. AJAX components are received as elements, not pages. If you like, I can go into more detail off-list. This is really too much of a side technical issue to be worth taking up a lot of space on the list. You didn't answer the question -- why would you not have some sort of check on the AJAX application (or any application, web or otherwise) to do at least minimal sanity checking on the result of an external call? In the case of something requiring authentication, if it's a well designed back-end, it should return some HTTP status other than 200; 401 or 403 would be most appropriate. I've unfortunately worked with ColdFusion in the early days before they added cfheader to allow you to change the status code so that it was something other than 200. I've also seen websites that cheat to install a 'handler' for all requests by linking to a PHP script using Apache's 404 ErrorHandler directive. This also has the side effect that search engines won't index your site at all (as they assume it's all errors) In both of these cases, I'd say the service is poorly designed if you can't easily identify a failure. You can send a login page along with your 401 status, but you *should* *not* send a 30x redirect to a login page, as then the actual status message is lost. (the content hasn't been moved ... you just want someone to go to the login page ... the HTTP specs don't forbid a Location field w/ a 40x status, although I admit I've never verified that major browsers support it) If you have something pulling in content using something AJAX-like, and it *doesn't* check the result, then the client's poorly designed as well. It might be something as simple as checking to ensure that expected elements are included in the response. The only valid example that I can think of where you may have blind inclusion (ie, you don't have a chance to verify what the results are before displaying) are frames (including iframes) and image links. I'm assuming we've all see those horrible websites that have a 'authentication required' message for every frame, but images are a little more subtle. The best thing to do for images is to serve an image back in response, rather than HTML. It's not a new thing; I remember doing it back when I worked for a university in the mid 1990s. We had your standard 'image-counter' CGI ... but when we realized that the majority of HTTP-referers were from outside the university, it was changed to instead return an image that said 'access denied' or something similar. -Joe
[CODE4LIB] Oral History Metadata Best Practices
Hi Library-Coders, My colleagues and I are researching best practices in recording metadata for Oral Histories for an article tentatively accepted for publication. We're looking for input from practicing librarians, archivists, and historians. In particular we'd like to know what encodings (e.g. MARC, EAD, METS, etc.) people are using and how happy (or unhappy) they are with them. Also what fields are people using to enter their data? Any data-dictionaries or templates showing required, repeatable, non-repeatable fields would be welcome. So far we've discovered that with new digital technologies allowing much easier collection and retransmission of oral histories, creation is booming; standards not so much. We would appreciate input from anyone who is willing to share their procedures. As mentioned above, we are planning to publish an article, but we will, of course, ask permission, before quoting anyone directly. Off-list responses are welcome. Please excuse duplication (cross-posting) and forward to interested colleagues. Thanks in advance for your help. JJ **Views expressed by the author do not necessarily represent those of the Queens Library.** Jane Jacobs Asst. Coord., Catalog Division Queens Borough Public Library 89-11 Merrick Blvd. Jamaica, NY 11432 tel.: (718) 990-0804 e-mail: jane.w.jac...@queenslibrary.orgmailto:jane.w.jac...@queenslibrary.org FAX. (718) 990-8566 Connect with Queens Library: * QueensLibrary.org http://www.queenslibrary.org/ * Facebook http://www.facebook.com/queenslibrarynyc * Twitter http://www.twitter.com/queenslibrary * LinkedIn http://www.linkedin.com/company/queens-library * Google+ https://plus.google.com/u/0/116278397527253207785 * Foursquare https://foursquare.com/queenslibrary * YouTube http://www.youtube.com/queenslibrary * Flickr http://www.flickr.com/photos/qbpllid/ * Goodreads http://www.goodreads.com/group/show/58240.Queens_Library The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
Re: [CODE4LIB] Q: Discovery products and authentication (esp Summon)
We at GALILEO have thought about this. We authenticate everyone. If they're on campus it's by IP, if not, by password. So everyone sees everything. This also lets us define which EDS profile to direct the user to. -- Brad On 10/24/12, Jonathan Rochkind rochk...@jhu.edu wrote: On 10/24/2012 2:52 PM, Joe Hourcle wrote: Do they even get a message that they've been restricted? I would think that having a message such as : 74 records not shown because you weren't authenticated As far as I know, none of the products have the ability to tell them _how many_ records in the total result set have been suppressed. All of them have the capability, of course, to just tell users Some records may have been suppressed, try logging in. I was trying to get a sense of how many implementations use such a message, and if anyone knows if it results in logins. But I think my conclusion is that few implementers have thought about this, and most off-campus users probably don't get restricted content. :) Which may be just fine -- the amount of restricted content in a given product is also unclear (hard to compare between products, hard to even know for a single product if there's importnat 'restricted content' that's being missed). EDS is unique in having a weird way of suppressing content. If user is not authenticated, you get 'holes' in your result set. If you asked for a page of 10 results, you might only get 5 results, with 5 blank spots. On the one hand, this is a weird UI, on the other at least it makes it obvious you're missing content, and how many records from the _current page_ (if not the entire result set) have been suppressed. EDS does seem to have a fairly significant amount of restricted content, it's unclear if the other tools have around the same amount or less, like I said very hard to evaluate. would be enough to spur most folks to log in. What I hate is when you do a search for something that you *know* should be there, and it's not ... then you find out that they're using IP range or DNS matching, and not telling the user that they've intentionally hid stuff. I think I've gotten most of the stuff straightened out with our local library, but I have no way of knowing for sure. (my desktop machine's doesn't resolve in the 'gsfc.nasa.gov' domain, and not on the most common network here ... so most systems' test for 'is this a local person' fail, and I get treated as an outsider ... I actually get better service using my personal laptop on the wireless network for visitors) -Joe
Re: [CODE4LIB] Oral History Metadata Best Practices
You might want to look at the section on Cataloging in the best practices guide on Florida Voices: http://www.fcla.edu/FloridaVoices/index.htm Priscilla On 10/25/2012 8:57 AM, Jacobs, Jane W wrote: Hi Library-Coders, My colleagues and I are researching best practices in recording metadata for Oral Histories for an article tentatively accepted for publication. We're looking for input from practicing librarians, archivists, and historians. In particular we'd like to know what encodings (e.g. MARC, EAD, METS, etc.) people are using and how happy (or unhappy) they are with them. Also what fields are people using to enter their data? Any data-dictionaries or templates showing required, repeatable, non-repeatable fields would be welcome. So far we've discovered that with new digital technologies allowing much easier collection and retransmission of oral histories, creation is booming; standards not so much. We would appreciate input from anyone who is willing to share their procedures. As mentioned above, we are planning to publish an article, but we will, of course, ask permission, before quoting anyone directly. Off-list responses are welcome. Please excuse duplication (cross-posting) and forward to interested colleagues. Thanks in advance for your help. JJ **Views expressed by the author do not necessarily represent those of the Queens Library.** Jane Jacobs Asst. Coord., Catalog Division Queens Borough Public Library 89-11 Merrick Blvd. Jamaica, NY 11432 tel.: (718) 990-0804 e-mail: jane.w.jac...@queenslibrary.orgmailto:jane.w.jac...@queenslibrary.org FAX. (718) 990-8566 Connect with Queens Library: * QueensLibrary.org http://www.queenslibrary.org/ * Facebook http://www.facebook.com/queenslibrarynyc * Twitter http://www.twitter.com/queenslibrary * LinkedIn http://www.linkedin.com/company/queens-library * Google+ https://plus.google.com/u/0/116278397527253207785 * Foursquare https://foursquare.com/queenslibrary * YouTube http://www.youtube.com/queenslibrary * Flickr http://www.flickr.com/photos/qbpllid/ * Goodreads http://www.goodreads.com/group/show/58240.Queens_Library The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. -- Priscilla Caplan Assistant Director for Digital Library Services Florida Virtual Campus 5830 NW 39th Avenue Gainesville, FL 32606 (352) 392-9020 x324 (352) 392-9185 (fax)
Re: [CODE4LIB] Crappy AJAX
On 10/25/12 7:37 AM, Joe Hourcle wrote: You didn't answer the question -- why would you not have some sort of check on the AJAX application (or any application, web or otherwise) to do at least minimal sanity checking on the result of an external call? Because putting the onus of sanity checking on the web page isn't the best solution in this case. Of course, it should be set up to handle unexpected results sensibly in any case. In the case of something requiring authentication, if it's a well designed back-end, it should return some HTTP status other than 200; 401 or 403 would be most appropriate. I've unfortunately worked with ColdFusion in the early days before they added cfheader to allow you to change the status code so that it was something other than 200. Which is exactly the point I was about to make before I read your second paragraph; the server, not the web page, should be fixed up to make things work sensibly. I've also seen websites that cheat to install a 'handler' for all requests by linking to a PHP script using Apache's 404 ErrorHandler directive. This also has the side effect that search engines won't index your site at all (as they assume it's all errors) In both of these cases, I'd say the service is poorly designed if you can't easily identify a failure. You can send a login page along with your 401 status, but you *should* *not* send a 30x redirect to a login page, as then the actual status message is lost. (the content hasn't been moved ... you just want someone to go to the login page ... the HTTP specs don't forbid a Location field w/ a 40x status, although I admit I've never verified that major browsers support it) I think we're in agreement here. -- Gary McGath, Professional Software Developer http://www.garymcgath.com
Re: [CODE4LIB] Guide on the Side
I haven't tried Guide on the Side, but looking over the requirements (and source: https://github.com/ualibraries/Guide-on-the-Side) there's nothing about it that I can see that wouldn't run on my cheap, shared Dreamhost account (or the Site5 account I used for a project a few years ago). It seems like a pretty good application for trying on shared hosting, honestly. Webfaction is only $5.50/mo. and has a 60-day money back guarantee -- there are probably others with free month trials, etc. -- so that would probably be the way to go, if you want to try it out. -Ross. On Oct 25, 2012, at 8:46 AM, Ron Gilmour rgilmou...@gmail.com wrote: Greetings! Has anyone here installed Guide on the Sidehttp://code.library.arizona.edu/gots/on a shared hosting service? Or do I need a dedicated server for this? Ron Gilmour Web Services Librarian Ithaca College Library
Re: [CODE4LIB] Oral History Metadata Best Practices
Since I didn't see this crossposted there, it might be worthwhile asking over on the metadataLibrarians listserv (http://metadatalibrarians.monarchos.com/). -Ross. On Oct 25, 2012, at 8:57 AM, Jacobs, Jane W jane.w.jac...@queenslibrary.org wrote: Hi Library-Coders, My colleagues and I are researching best practices in recording metadata for Oral Histories for an article tentatively accepted for publication. We're looking for input from practicing librarians, archivists, and historians. In particular we'd like to know what encodings (e.g. MARC, EAD, METS, etc.) people are using and how happy (or unhappy) they are with them. Also what fields are people using to enter their data? Any data-dictionaries or templates showing required, repeatable, non-repeatable fields would be welcome. So far we've discovered that with new digital technologies allowing much easier collection and retransmission of oral histories, creation is booming; standards not so much. We would appreciate input from anyone who is willing to share their procedures. As mentioned above, we are planning to publish an article, but we will, of course, ask permission, before quoting anyone directly. Off-list responses are welcome. Please excuse duplication (cross-posting) and forward to interested colleagues. Thanks in advance for your help. JJ **Views expressed by the author do not necessarily represent those of the Queens Library.** Jane Jacobs Asst. Coord., Catalog Division Queens Borough Public Library 89-11 Merrick Blvd. Jamaica, NY 11432 tel.: (718) 990-0804 e-mail: jane.w.jac...@queenslibrary.orgmailto:jane.w.jac...@queenslibrary.org FAX. (718) 990-8566 Connect with Queens Library: * QueensLibrary.org http://www.queenslibrary.org/ * Facebook http://www.facebook.com/queenslibrarynyc * Twitter http://www.twitter.com/queenslibrary * LinkedIn http://www.linkedin.com/company/queens-library * Google+ https://plus.google.com/u/0/116278397527253207785 * Foursquare https://foursquare.com/queenslibrary * YouTube http://www.youtube.com/queenslibrary * Flickr http://www.flickr.com/photos/qbpllid/ * Goodreads http://www.goodreads.com/group/show/58240.Queens_Library The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
Re: [CODE4LIB] Crappy AJAX
On Oct 25, 2012, at 9:20 AM, Gary McGath wrote: On 10/25/12 7:37 AM, Joe Hourcle wrote: You didn't answer the question -- why would you not have some sort of check on the AJAX application (or any application, web or otherwise) to do at least minimal sanity checking on the result of an external call? Because putting the onus of sanity checking on the web page isn't the best solution in this case. Of course, it should be set up to handle unexpected results sensibly in any case. I view it like using JavaScript for form validation -- don't trust it, and still re-do the validation in the backend. If the costs to check tainted inputs are minimal, *do* *it*. Even when the back-end is well designed, there are enough other things out there that are outside your control. ... like when IE decided to start re-writing 404 and other status pages unless they happened to be at least 1k ... so even when we *were* giving informative messages about what was going on, links to report the problem, etc ... it never made it back to the user. (and yes, I know, I've officially hit old fogey status by complaining about changes that IE made more than 10 years ago ... I'm also not a fan of the br tag ... one of the worst mistakes of HTML+) But for more recent situations ... mobile browsers w/ spotty reception. Man-in-the-middle attacks ... deep-packet filtering (the firewall doesn't like some phrase used in the response, so replaces the content with a 'blocked' message ... they may not be common, but they *do* happen. -Joe
Re: [CODE4LIB] Crappy AJAX
On Oct 25, 2012, at 9:20 AM, Gary McGath develo...@mcgath.com wrote: Which is exactly the point I was about to make before I read your second paragraph; the server, not the web page, should be fixed up to make things work sensibly. http://www.google.com/search?q=Postel's+law -Ross.
Re: [CODE4LIB] Crappy AJAX
http://en.m.wikipedia.org/wiki/Sayre's_law On Oct 25, 2012 3:49 PM, Ross Singer rossfsin...@gmail.com wrote: On Oct 25, 2012, at 9:20 AM, Gary McGath develo...@mcgath.com wrote: Which is exactly the point I was about to make before I read your second paragraph; the server, not the web page, should be fixed up to make things work sensibly. http://www.google.com/search?q=Postel's+law -Ross.
Re: [CODE4LIB] Oral History Metadata Best Practices
PS - there is also a paper on oral traditions in FRBR... archivesic.ccsd.cnrs.fr/docs/00/06/26/91/PDF/sic_1629.pdf -Original Message- From: Michael Hopwood Sent: 25 October 2012 14:44 To: 'Jacobs, Jane W'; 'Priscilla Caplan' Cc: CODE4LIB@LISTSERV.ND.EDU Subject: RE: [CODE4LIB] Oral History Metadata Best Practices Hello Jane, Priscilla, I would recommend looking at www.lido-schema.org as more interoperable, extensible and generally longer-term value-adding schema for collection of a lot of historical / heritage data. It has the same capabilities and easy entry level (only three mandatory sections; object/work type - title/name - record details) as Dublin Core to collate a lot of data, potentially from different source, but it also has the optional depth and breadth required for enriching data with links, and the specific semantics used precisely by archives and historians, rather than libraries. Data created / collected in LIDO will have greater reuse potential than less contextual schemas. It's based on the ISO standard CIDOC-CRM (see http://www.cidoc-crm.org/uses_applications.html) which is itself the result of painstaking work by historical and archives data people. The CIDOC-CRM itself is probably worth looking at too, maybe in terms of CRM CORE (a lightweight model using just key parts) and the many real life applications in archive contexts... Disclaimer: I work (as a librarian!) on one part of www.linkedheritage.eu which does have some of the world LIDO experts as partners. Best, Michael Hopwood -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Priscilla Caplan Sent: 25 October 2012 14:17 To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Oral History Metadata Best Practices You might want to look at the section on Cataloging in the best practices guide on Florida Voices: http://www.fcla.edu/FloridaVoices/index.htm Priscilla On 10/25/2012 8:57 AM, Jacobs, Jane W wrote: Hi Library-Coders, My colleagues and I are researching best practices in recording metadata for Oral Histories for an article tentatively accepted for publication. We're looking for input from practicing librarians, archivists, and historians. In particular we'd like to know what encodings (e.g. MARC, EAD, METS, etc.) people are using and how happy (or unhappy) they are with them. Also what fields are people using to enter their data? Any data-dictionaries or templates showing required, repeatable, non-repeatable fields would be welcome. So far we've discovered that with new digital technologies allowing much easier collection and retransmission of oral histories, creation is booming; standards not so much. We would appreciate input from anyone who is willing to share their procedures. As mentioned above, we are planning to publish an article, but we will, of course, ask permission, before quoting anyone directly. Off-list responses are welcome. Please excuse duplication (cross-posting) and forward to interested colleagues. Thanks in advance for your help. JJ **Views expressed by the author do not necessarily represent those of the Queens Library.** Jane Jacobs Asst. Coord., Catalog Division Queens Borough Public Library 89-11 Merrick Blvd. Jamaica, NY 11432 tel.: (718) 990-0804 e-mail: jane.w.jac...@queenslibrary.orgmailto:jane.w.jac...@queenslibrary.org FAX. (718) 990-8566 Connect with Queens Library: * QueensLibrary.org http://www.queenslibrary.org/ * Facebook http://www.facebook.com/queenslibrarynyc * Twitter http://www.twitter.com/queenslibrary * LinkedIn http://www.linkedin.com/company/queens-library * Google+ https://plus.google.com/u/0/116278397527253207785 * Foursquare https://foursquare.com/queenslibrary * YouTube http://www.youtube.com/queenslibrary * Flickr http://www.flickr.com/photos/qbpllid/ * Goodreads http://www.goodreads.com/group/show/58240.Queens_Library The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. -- Priscilla Caplan Assistant Director for Digital Library Services Florida Virtual Campus 5830 NW 39th Avenue Gainesville, FL 32606 (352) 392-9020 x324 (352) 392-9185 (fax)
Re: [CODE4LIB] Oral History Metadata Best Practices
Hello Jane, Priscilla, I would recommend looking at www.lido-schema.org as more interoperable, extensible and generally longer-term value-adding schema for collection of a lot of historical / heritage data. It has the same capabilities and easy entry level (only three mandatory sections; object/work type - title/name - record details) as Dublin Core to collate a lot of data, potentially from different source, but it also has the optional depth and breadth required for enriching data with links, and the specific semantics used precisely by archives and historians, rather than libraries. Data created / collected in LIDO will have greater reuse potential than less contextual schemas. It's based on the ISO standard CIDOC-CRM (see http://www.cidoc-crm.org/uses_applications.html) which is itself the result of painstaking work by historical and archives data people. The CIDOC-CRM itself is probably worth looking at too, maybe in terms of CRM CORE (a lightweight model using just key parts) and the many real life applications in archive contexts... Disclaimer: I work (as a librarian!) on one part of www.linkedheritage.eu which does have some of the world LIDO experts as partners. Best, Michael Hopwood -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Priscilla Caplan Sent: 25 October 2012 14:17 To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Oral History Metadata Best Practices You might want to look at the section on Cataloging in the best practices guide on Florida Voices: http://www.fcla.edu/FloridaVoices/index.htm Priscilla On 10/25/2012 8:57 AM, Jacobs, Jane W wrote: Hi Library-Coders, My colleagues and I are researching best practices in recording metadata for Oral Histories for an article tentatively accepted for publication. We're looking for input from practicing librarians, archivists, and historians. In particular we'd like to know what encodings (e.g. MARC, EAD, METS, etc.) people are using and how happy (or unhappy) they are with them. Also what fields are people using to enter their data? Any data-dictionaries or templates showing required, repeatable, non-repeatable fields would be welcome. So far we've discovered that with new digital technologies allowing much easier collection and retransmission of oral histories, creation is booming; standards not so much. We would appreciate input from anyone who is willing to share their procedures. As mentioned above, we are planning to publish an article, but we will, of course, ask permission, before quoting anyone directly. Off-list responses are welcome. Please excuse duplication (cross-posting) and forward to interested colleagues. Thanks in advance for your help. JJ **Views expressed by the author do not necessarily represent those of the Queens Library.** Jane Jacobs Asst. Coord., Catalog Division Queens Borough Public Library 89-11 Merrick Blvd. Jamaica, NY 11432 tel.: (718) 990-0804 e-mail: jane.w.jac...@queenslibrary.orgmailto:jane.w.jac...@queenslibrary.org FAX. (718) 990-8566 Connect with Queens Library: * QueensLibrary.org http://www.queenslibrary.org/ * Facebook http://www.facebook.com/queenslibrarynyc * Twitter http://www.twitter.com/queenslibrary * LinkedIn http://www.linkedin.com/company/queens-library * Google+ https://plus.google.com/u/0/116278397527253207785 * Foursquare https://foursquare.com/queenslibrary * YouTube http://www.youtube.com/queenslibrary * Flickr http://www.flickr.com/photos/qbpllid/ * Goodreads http://www.goodreads.com/group/show/58240.Queens_Library The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. -- Priscilla Caplan Assistant Director for Digital Library Services Florida Virtual Campus 5830 NW 39th Avenue Gainesville, FL 32606 (352) 392-9020 x324 (352) 392-9185 (fax)
Re: [CODE4LIB] Q: Discovery products and authentication (esp Summon)
At MIchigan, we direct users to an interface within our library site. Over the last week, a bit more than 28% of searches against the Summon service were from on-campus (hardwired) computers. An additional 25% of searches were conducted from authenticated campus wireless networks. So slightly more than half of our searchescome from on campus. Of the rest, 39% in the last week were in the U.S. (and I'm boldly assuming that most of those are in and around Ann Arbor, but the GeoIP database we use is at the country level, not city). On Thu, Oct 25, 2012 at 9:09 AM, Brad Baxter b...@mail.libs.uga.edu wrote: We at GALILEO have thought about this. We authenticate everyone. If they're on campus it's by IP, if not, by password. So everyone sees everything. This also lets us define which EDS profile to direct the user to. -- Brad On 10/24/12, Jonathan Rochkind rochk...@jhu.edu wrote: On 10/24/2012 2:52 PM, Joe Hourcle wrote: Do they even get a message that they've been restricted? I would think that having a message such as : 74 records not shown because you weren't authenticated As far as I know, none of the products have the ability to tell them _how many_ records in the total result set have been suppressed. All of them have the capability, of course, to just tell users Some records may have been suppressed, try logging in. I was trying to get a sense of how many implementations use such a message, and if anyone knows if it results in logins. But I think my conclusion is that few implementers have thought about this, and most off-campus users probably don't get restricted content. :) Which may be just fine -- the amount of restricted content in a given product is also unclear (hard to compare between products, hard to even know for a single product if there's importnat 'restricted content' that's being missed). EDS is unique in having a weird way of suppressing content. If user is not authenticated, you get 'holes' in your result set. If you asked for a page of 10 results, you might only get 5 results, with 5 blank spots. On the one hand, this is a weird UI, on the other at least it makes it obvious you're missing content, and how many records from the _current page_ (if not the entire result set) have been suppressed. EDS does seem to have a fairly significant amount of restricted content, it's unclear if the other tools have around the same amount or less, like I said very hard to evaluate. would be enough to spur most folks to log in. What I hate is when you do a search for something that you *know* should be there, and it's not ... then you find out that they're using IP range or DNS matching, and not telling the user that they've intentionally hid stuff. I think I've gotten most of the stuff straightened out with our local library, but I have no way of knowing for sure. (my desktop machine's doesn't resolve in the 'gsfc.nasa.gov' domain, and not on the most common network here ... so most systems' test for 'is this a local person' fail, and I get treated as an outsider ... I actually get better service using my personal laptop on the wireless network for visitors) -Joe -- Ken Varnum | Web Systems Manager | MLibrary - University of Michigan - Ann Arbor var...@umich.edu | @varnum | http://www.lib.umich.edu/users/varnum | 734-615-3287
[CODE4LIB] Call for Manuscripts: Journal of Web Librarianship, Special Issue on Data
Please excuse cross posting. The *Journal of Web Librarianship* is pleased to announce an upcoming special issue on the topic of *data-driven decision making for the library web*, edited by Meris A Mandernach. Data-driven decision-making in the realm of library web sites is an emerging and ever-evolving goal for libraries of all types and sizes. As data becomes more available and easily accessible, the use of that data for decision making to support the user experience in online systems, discovery tools and websites is of the utmost importance. Though both qualitative and quantitative data should be used for informing decisions in libraries, this issue's scope will focus on quantitative data sources such as: · Web analytics, including Google Analytics · Log reports (search logs, system logs) · Heat maps · Vendor usage reports · Third-party statistics and logs · Public data from Twitter and other social sites Additionally, this issue will focus on how data from the above sources is used to support decisions about all aspects of the library’s virtual presence, including · Discovery tools · Library websites · Library systems · Mobile sites and interfaces Submissions should clearly state one or more research questions or, for more practical articles, a decision that was or will be supported by the data, and explain the type of data sources used. Query letters and preliminary proposals are welcome any time if potential authors would like to discuss their ideas with the issue editor. Please submit queries and manuscripts to guest editor Meris Mandernach at jwl.d...@gmail.com. Please refer to the JWL web site, http://www.lib.jmu.edu/org/jwl for Instructions for Authors. Meris Mandernach is Head of Research Services at The Ohio State University Libraries. She has published numerous articles and book chapters on topics related to reference, usability testing, discovery systems, and chemistry information literacy. *Issue Timeline:* Initial Manuscript Submission deadline: January 31, 2013 Notices to authors: April, 2013 Final Acceptance: June, 2013 Issue Publication: October, 2013 The Journal of Web Librarianship Meris Mandernach, Special Issue Editor Jody Condit Fagan, Editor Email: jwl.d...@gmail.com Website: http://www.lib.jmu.edu/org/ jwl/http://www.lib.jmu.edu/org/%20jwl/
Re: [CODE4LIB] Guide on the Side
We are trying out Guide on the Side. We use a virtual private server for our website, and it works fine. I don't see anything in the requirements that says you need a dedicated server. We tried it out on one of our shared-hosting sites and it works fine there, too. The installation does require you to run some command-line php commands, so you need ssh access. Regards, Alisak. Alisak Sanavongsay Digital Assets Programmer UC Merced Library 209.201.9073 asanavong...@ucmerced.edu On Oct 25, 2012, at 5:46 AM, Ron Gilmour rgilmou...@gmail.com wrote: Greetings! Has anyone here installed Guide on the Sidehttp://code.library.arizona.edu/gots/on a shared hosting service? Or do I need a dedicated server for this? Ron Gilmour Web Services Librarian Ithaca College Library
Re: [CODE4LIB] Crappy AJAX
On Thu, Oct 25, 2012 at 6:51 AM, Chris Fitzpatrick chrisfitz...@gmail.comwrote: http://en.m.wikipedia.org/wiki/Sayre's_law ++Sayre's Law
Re: [CODE4LIB] Oral History Metadata Best Practices
Also, a nice resource (for information and for people having similar discussions) is Oral History in the Digital Age (http://ohda.matrix.msu.edu/), a recently-finished project funded by IMLS and others. - Bert Bertram Lyons, CA Folklife Specialist / Digital Assets Manager American Folklife Center Library of Congress b...@loc.gov www.loc.gov/folklife Consulting Archivist, Project Manager Dissemination Coordinator Association for Cultural Equity Alan Lomax Archive b...@culturalequity.org www.culturalequity.org On Thu, Oct 25, 2012 at 9:44 AM, Michael Hopwood mich...@editeur.org wrote: Hello Jane, Priscilla, I would recommend looking at www.lido-schema.org as more interoperable, extensible and generally longer-term value-adding schema for collection of a lot of historical / heritage data. It has the same capabilities and easy entry level (only three mandatory sections; object/work type - title/name - record details) as Dublin Core to collate a lot of data, potentially from different source, but it also has the optional depth and breadth required for enriching data with links, and the specific semantics used precisely by archives and historians, rather than libraries. Data created / collected in LIDO will have greater reuse potential than less contextual schemas. It's based on the ISO standard CIDOC-CRM (see http://www.cidoc-crm.org/uses_applications.html) which is itself the result of painstaking work by historical and archives data people. The CIDOC-CRM itself is probably worth looking at too, maybe in terms of CRM CORE (a lightweight model using just key parts) and the many real life applications in archive contexts... Disclaimer: I work (as a librarian!) on one part of www.linkedheritage.eu which does have some of the world LIDO experts as partners. Best, Michael Hopwood -Original Message- From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Priscilla Caplan Sent: 25 October 2012 14:17 To: CODE4LIB@LISTSERV.ND.EDU Subject: Re: [CODE4LIB] Oral History Metadata Best Practices You might want to look at the section on Cataloging in the best practices guide on Florida Voices: http://www.fcla.edu/FloridaVoices/index.htm Priscilla On 10/25/2012 8:57 AM, Jacobs, Jane W wrote: Hi Library-Coders, My colleagues and I are researching best practices in recording metadata for Oral Histories for an article tentatively accepted for publication. We're looking for input from practicing librarians, archivists, and historians. In particular we'd like to know what encodings (e.g. MARC, EAD, METS, etc.) people are using and how happy (or unhappy) they are with them. Also what fields are people using to enter their data? Any data-dictionaries or templates showing required, repeatable, non-repeatable fields would be welcome. So far we've discovered that with new digital technologies allowing much easier collection and retransmission of oral histories, creation is booming; standards not so much. We would appreciate input from anyone who is willing to share their procedures. As mentioned above, we are planning to publish an article, but we will, of course, ask permission, before quoting anyone directly. Off-list responses are welcome. Please excuse duplication (cross-posting) and forward to interested colleagues. Thanks in advance for your help. JJ **Views expressed by the author do not necessarily represent those of the Queens Library.** Jane Jacobs Asst. Coord., Catalog Division Queens Borough Public Library 89-11 Merrick Blvd. Jamaica, NY 11432 tel.: (718) 990-0804 e-mail: jane.w.jac...@queenslibrary.orgmailto:jane.w.jac...@queenslibrary.org FAX. (718) 990-8566 Connect with Queens Library: * QueensLibrary.org http://www.queenslibrary.org/ * Facebook http://www.facebook.com/queenslibrarynyc * Twitter http://www.twitter.com/queenslibrary * LinkedIn http://www.linkedin.com/company/queens-library * Google+ https://plus.google.com/u/0/116278397527253207785 * Foursquare https://foursquare.com/queenslibrary * YouTube http://www.youtube.com/queenslibrary * Flickr http://www.flickr.com/photos/qbpllid/ * Goodreads http://www.goodreads.com/group/show/58240.Queens_Library The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. -- Priscilla Caplan Assistant Director for Digital Library Services Florida Virtual
Re: [CODE4LIB] Crappy AJAX
On Thu, 25 Oct 2012, Chris Fitzpatrick wrote: http://en.m.wikipedia.org/wiki/Sayre's_law I'm guessing the other people participating in this thread have never had men with guns show up to take your server because of a 'security incident'. Or block your server's IP address, and then make you jump through hoops for two weeks because they were unhappy with someone uploading an image to your trouble ticket system that accepted anonymous submissions ... with the explaination that if they managed to get a file on there, the whole system was compromised, and had to be blanked and the OS reinstalled. ... it didn't help that the image was text saying something to the effect of 'I've hacked your computer'. And they didn't realize at the time it actually had a JPEG exploit in it, so it was the people who downloaded it could've been compromised, but it wasn't even a valid exploit against the OS we were running. Or have all of the sysadmins in your group stop work for a day while we have a comprehensive scan of all of our machines by the security group because someone on the security auditing group noticed that a machine on our network sent out a request to some random webserver in the middle of the night, and then there was a connection attempted back to that machine and another one on our network. ... but they failed to mention was that the connection back was from a completely different IP range, and they had selectively filtered what they were looking for, so the incoming connections were attempted against *all* machines on our network and not a sign that someone was being selective in their attempts and cause for concern ... and the 'middle of the night' just meant 'before we got in this morning', but we have folks who have to work earlier shifts depending on when we get assigned antenna time to talk to the spacecraft. ... it makes the people who e-mail convinced that NASA's hiding evidence of the existance of alien life seem reasonable by comparison.* So I actually *do* have a stake in validating what we use as inputs. Other people might not, but I do my best to avoid a DOS from our security group.** -Joe * They don't like that we get highly compressed data for 'space weather' purposes, and we replace them with a higher-quality image once it's been downloaded through a higher bandwidth link. They also seem convinced that a compression artifact must be at the same distance from us as the sun for their size and speed calculations, rather than highly energetic particles right at the telescope. ** I've got other stories, too ... but I thought I'd keep it to only the ones that actually affected me.
Re: [CODE4LIB] Q: Discovery products and authentication (esp Summon)
But we do encourage (promote) an interface that forces off-campus authentication to our Summon instance. With an explanation that it's because of pirates! :-) https://auth.lib.unc.edu/ezproxy_auth.php?url=http://unc.summon.serialssolutions.com/search?s.q= And one we would need to revisit if we looked to Summon (or some other product) as a catalog+periodical literature hybrid. Right now we have separate discovery layers That's a useful factor to add to the discussion, thanks. We use Summon for everything, but I can imagine that the discussion about requiring authentication could go differently if it was only used for articles. I was pretty sure that I remembered seeing some research showing that authentication was a barrier, i.e. a certain proportion of users don't actually bother to continue. I did some brief-ish searches (taking the opportunity to compare Summon, EDS, Primo and Google), but the best I could come up with was this (an evidence-free statement): http://www.codinghorror.com/blog/2007/06/removing-the-login-barrier.html (I also found a medical paper [1] with a small study that appeared to agree.) David [1] Tjora, Tran Faxvaag (2005). Privacy vs Usability: A qualitative exploration of patients' experiences with secure internet communication with their general practitioner, Journal of Medical Internet Research 7:2.
[CODE4LIB] Job: Web Developer (UI/UX) at Pennsylvania State University
Digital Library Technologies (DLT), a unit of Information Technology Services (ITS) at The Pennsylvania State University provides IT systems and services to support the teaching, research, and outreach mission of the University Libraries and Penn State. DLT is seeking a Web Developer to be a member of the DLT Application and Repository Services team. Successful candidate will be expected to participate in development and integration of software and web applications for an institutional content stewardship program; share advancements in standards, software development practices, and IT trends; continually refine their skill set; apply new knowledge and techniques; be flexible; create and maintain documentation. This is an opportunity to work with an innovative unit on building a sustainable, enterprise-level content stewardship program at a large, multi-campus institution. This job will be filled as a level 2, or level 3, depending upon the successful candidate's competencies, education, and experience. Typically requires an Associate's degree or higher plus two years of related experience, or an equivalent combination of education and experience for a level 2. Additional experience and/or education and competencies are required for higher level jobs. Proficient knowledge, experience and aptitude is expected for web technologies and an understanding of cross browser issues, user interface design best practices, web and accessibility standards, working collaboratively with both developers and users to improve usability and user experience, wire framing code to web interfaces, integration testing, deploying enterprise services in a team environment, and maintenance for implemented services; enthusiasm for staying informed about cutting-edge technologies for use with software development initiatives; ability to work independently and as a member of a team with diverse constituencies. Preferred experience includes HTML5, jQuery, CSS, Photoshop, Illustrator, mobile web design, and templating languages. Desirable skills include knowledge of MVC frameworks such as Ruby on Rails, and/or Django. The candidate must demonstrate a commitment to continuous service improvement; providing outstanding customer service; upholding organizational processes and project management practices; excellent problem solving skills; strong interpersonal and communication skills. DLT orients projects and activities toward a service management approach. Familiarity with Information Technology Infrastructure Library (ITIL) processes desired. This is a fixed-term appointment funded for one year from date of hire with excellent possibility of re-funding. Brought to you by code4lib jobs: http://jobs.code4lib.org/job/4121/
[CODE4LIB] Are any facial recognition APIs available?
I used face.com 's facial recognition API, when it was available, to do a project where I tagged some people in a set of photos and then it suggested who unidentified people might be. I want to do something similar for a digitization project, but face.com was bought by Facebook, so no more API for me. Does anyone here know of an available API for recognizing and tagging faces in photos? -Wilhelmina Randtke
Re: [CODE4LIB] Are any facial recognition APIs available?
Not an API per se, but OpenCV face tagging with Python! Here's an old and hacky example...I bet there are better ones out there now. http://creatingwithcode.com/howto/face-detection-in-static-images-with-python/ Kam On Fri, Oct 26, 2012 at 12:59 AM, Wilhelmina Randtke rand...@gmail.com wrote: I used face.com 's facial recognition API, when it was available, to do a project where I tagged some people in a set of photos and then it suggested who unidentified people might be. I want to do something similar for a digitization project, but face.com was bought by Facebook, so no more API for me. Does anyone here know of an available API for recognizing and tagging faces in photos? -Wilhelmina Randtke