Hi Jane:
Good choice of ILS!
We set up a tunnel between our SIP self-checkout client and the Evergreen
SIP2 server, as documented here:
https://coffeecode.net/archives/219-Setting-up-secure-self-check-connections-using-SIP-tunneled-through-SSH.html
One small difference being that we now use autossh. If your EZProxy
instance is on a Linux box, it should go swimmingly for you; the biggest
pain for me was setting up Cygwin on Vista (silly 3M self check).
Good luck!
Dan
On Jan 23, 2015 1:24 PM, "Jane Sandberg" <[log in to unmask]> wrote:
> Hi all,
>
> I'd like to have our EZProxy server authenticate users using SIP2,
> which is totally supported and documented here:
> http://www.oclc.org/support/services/ezproxy/documentation/usr/sip.en.html
> .
>
> However, I am not enthusiastic about sending unencrypted patron login
> information over Telnet or raw sockets, and neither is our ILS
> sysadmin. I'd like to figure out a way to perform the SIP2
> authentication/authorization check over SSH, but am not quite sure how
> best to do that. Do either of these approaches make sense?
>
> * Installing stunnel on the EZProxy server to encrypt the outgoing and
> incoming SIP2 traffic.
>
> * Writing a custom external script that would handle the whole auth
> process: SSHing into our SIP server and seeing if the user is legit.
> Here's what EZProxy has to say about this type of option:
>
> http://www.oclc.org/support/services/ezproxy/documentation/usr/external.en.html
> -- I'd have to write some code to handle the SIP auth rather than
> using EZProxy's built-in option, but my ILS has pretty good
> documentation for its SIP implementation.
>
> Am I missing some simpler option? Our EZProxy is running on a Windows
> machine, by the way, and we use Evergreen as our ILS. I'd love any
> advice or suggestions that you seasoned EZProxy experts can share.
>
> Appreciatively,
>
> -Jane
>
> --
> Jane Sandberg
> Electronic Resources Librarian
> Linn-Benton Community College
> [log in to unmask] / 541-917-4655
>
|