I'd like to have our EZProxy server authenticate users using SIP2,
which is totally supported and documented here:
However, I am not enthusiastic about sending unencrypted patron login
information over Telnet or raw sockets, and neither is our ILS
sysadmin. I'd like to figure out a way to perform the SIP2
authentication/authorization check over SSH, but am not quite sure how
best to do that. Do either of these approaches make sense?
* Installing stunnel on the EZProxy server to encrypt the outgoing and
incoming SIP2 traffic.
* Writing a custom external script that would handle the whole auth
process: SSHing into our SIP server and seeing if the user is legit.
Here's what EZProxy has to say about this type of option:
-- I'd have to write some code to handle the SIP auth rather than
using EZProxy's built-in option, but my ILS has pretty good
documentation for its SIP implementation.
Am I missing some simpler option? Our EZProxy is running on a Windows
machine, by the way, and we use Evergreen as our ILS. I'd love any
advice or suggestions that you seasoned EZProxy experts can share.
Electronic Resources Librarian
Linn-Benton Community College
[log in to unmask] / 541-917-4655