For others interested in this issue, we at Brown are taking a different tack for now.
It'll be a while before the computing/info-services department gets around to shibbolizing ILLiad (because of the windows server). Our interest has been in _automating_ ILLiad requests, which we've been doing for a few years now, but with a catch: to date we've had to capture users' passwords in order to programmatically log them in (then we pass ILLiad an OpenUrl).
Though that has worked fine, we've wanted to move away from handling the passwords, and thought we might have wait for the cis department to investigate & implement a 'delegation' approach that has been used with Shibboleth -- but a programmer on our team discovered the remote authentication feature, and got the following working: Now we can have users log into a (non-Illiad) shib-protected page for the relevant OpenUrl-based service, and then we pass their user-id (eppn in shib-speak) and illiad-remote-authentication key to ILLiad, grab the session id, which then allows the OpenUrl-based request to be submitted to ILLiad.
Birkin James Diana
Programmer, Digital Technologies
Brown University Library
[log in to unmask]
On Jan 12, 2012, at 1:04 PM, Cindy Harper wrote:
> How opportune! Colgate wants to do this, but I'm offered a one-week
> timeframe. We have CAS all set up. Does it look like it's doable in that
> Cindy Harper, Systems Librarian
> Colgate University Libraries
> [log in to unmask]
> On Thu, Jan 12, 2012 at 12:51 PM, Friscia, Michael <[log in to unmask]
>> Anyone still interested in the topic of remote authentication for ILLiad
>> using CAS? (for sites that host their own ILLiad instance)
>> I just completed integration this morning without using the various UofA
>> or UC Davis ISAPI filters out there. If there's interest I'd be happy to
>> share how it was done.
>> Michael Friscia
>> Manager, Digital Library & Programming Services
>> Yale University Library
>> (203) 432-1856