I'm not sure if it is quite the same, but in the same area, there is some
stuff being done around picking up Shibboleth attributes based on IP
location:

Shibboleth IdP User Agent Attribute Extension
=============================================
This plugin captures the user agent IP address at authentication and then
allows that information to trigger the association of certain attributes/values
during attribute resolution time.


https://github.com/ukf/ua-attribute-idp-ext/blob/master/README.txt

Owen

On Thu, Jun 14, 2012 at 3:46 PM, Godmar Back <[log in to unmask]> wrote:

> A number of web applications, both client and server-side, could benefit if
> it could be easily determined if a user is on or off campus with respect to
> accessing resources that use IP-address based authentication.
>
> For instance, a web site could show/hide a button asking the user to "log
> in," or a proxied/non-proxied URL could be displayed depending on whether
> the user is connecting from within/outside an authorized IP range. This
> would reduce or eliminate the need for special proxy setups/unnecessary
> proxy use and could improve the user experience.
>
> This is probably a problem for which many ad-hoc solutions exist on
> campuses as well as solutions integrated into vendor-provided systems. It
> would be nice, and beneficial to in particular LibX, but also presumably
> other software that is facing this problem, to have a reusable service
> implementation/response format that is easily deployable and requires only
> minimum effort for setup and maintenance. Maintenance should be as simple
> as maintaining a file with the IP-ranges in a directory, like many
> libraries already do for their communication with database vendors or
> publishers.
>
> My question is what existing ideas/standards/software exists for this
> purpose, if any, or what ideas/approaches others could share.
>
> I would like to point at a small piece of software I'm sharing, which is a
> PhP-based isoncampus service [1], a demo is available here [2]. If anyone
> has a similar need and is interested in working together on a solution,
> this could be a seed around which to start. Besides the easily deployable
> PhP implementation, more efficient bindings/implementations for other
> languages and/or server/cloud environment could be created (AppEngine comes
> to mind.)
>
>  - Godmar
>
> [1] https://github.com/godmar/isoncampus
> [2] http://libx.lib.vt.edu/services/isoncampus/isoncampus.php
>
> ps: as a side-note, OCLC's OpenURL registry used to include IP-ranges as
> they were known to OCLC; this was at some point removed due to privacy
> concerns. I do note, however, that in general the ownership of IP-ranges is
> public information, as are CIDR ranges, both of which are easily accessible
> via web services provided by arin.net or by the regional registries.
> Though
> mapping from an IP address to its owner is not the same as listing IP
> ranges associated with an organization (many include multiple discontiguous
> CIDR ranges), I note that some of this information is also public via the
> BGP-advertised IP-prefixes for an institution's (main-) AS. In any event,
> no one would be forced to run this service if they have privacy concerns.
>



-- 
Owen Stephens
Owen Stephens Consulting
Web: http://www.ostephens.com
Email: [log in to unmask]