 |
 |
EZProxy can be configured to take you to a start page that it generates, but more commonly it is set up to take you through to the URL you give it. In our setup, you approach EZProxy with a url like this: http://login.ezproxy.library.ualberta.ca/login?url=http://www.whereyouwantto go.org After authentication (which can be by IP as well as user id or whatever), it redirects you to http://www.whereyouwanttogo.org.login.ezproxy.library.ualberta.ca/ It fetches the remote page and rewrites all the links (or rather the ones it knows you need to proxy) to keep you in its artificial little window on the web. It uses cookies to manage sessions. In the context of a federated search, I think you could do something like this: 1) user requests search from search agent 2) search agent passes search on to a number of external resources via EZProxy. The agent must cache the session cookie from EZProxy (the cookie's domain is .ezproxy.library.ualberta.ca), as well as any cookies it gets from the external resources, whose cookies will have domains like 80-web18.epnet.com.login.ezproxy.library.ualberta.ca. 3) the search agent composes a page of hits for the user (with all the links pointing to EZProxy urls) and sends it down to the browser, along with all the cookies needed to access the resources in question. All the cookies are at least associated with a local domain, so it should be possible to have them accepted by the browser (though I'm not sure of the details here - could metasearch.library.ualberta.ca set a cookie for ezproxy.library.ualberta.ca without setting off alarms?) At the end of this, the user should get a page that has everything needed to replicate the search environment that the federated search agent set up. To get all those cookies set without hassles, it might be necessary to access the result page via EZProxy. I hope that at least frames the right questions about this approach. A question to the EZProxy listserv would get the attention of EZProxy's designer Chris Zagar, who could point out any flaws in this scheme. Peter Peter Binkley Digital Initiatives Technology Librarian Information Technology Services 4-30 Cameron Library University of Alberta Libraries Edmonton, Alberta Canada T6G 2J8 Phone: (780) 492-3743 Fax: (780) 492-9243 e-mail: [log in to unmask] > -----Original Message----- > From: Walter Lewis [mailto:[log in to unmask]] > Sent: Tuesday, March 16, 2004 07:38 AM > To: [log in to unmask] > Subject: Re: [CODE4LIB] Remote authentication cookies (was > Re: [CODE4LIB] index of open access journals) > > > Binkley, Peter wrote: > > >I wonder if you could fake it using EZProxy, which does a > good job of > >managing cookies for proxied resources. Have the metasearch process > >start an EZProxy session and then hand that over to the user. > > > I had a sense that proxies were going to enter into the > solution in some fashion, especially given that the > metasearch is almost a proxied search. > > Does anyone have any experience with EZProxy or its > competition in this context? The EZProxy docs suggest that > the OOTBE is designed to handle passing people on to the > authenticated start page. In the federated search paradigm > we're trying to hand them off to a moderately relevant > results page. Any insight at this stage could save a lot of time. > > Thanks. > > Walter Lewis > Halton Hills >