Print

Print


Hi all,

I'd like to have our EZProxy server authenticate users using SIP2,
which is totally supported and documented here:
http://www.oclc.org/support/services/ezproxy/documentation/usr/sip.en.html.

However, I am not enthusiastic about sending unencrypted patron login
information over Telnet or raw sockets, and neither is our ILS
sysadmin.  I'd like to figure out a way to perform the SIP2
authentication/authorization check over SSH, but am not quite sure how
best to do that.  Do either of these approaches make sense?

* Installing stunnel on the EZProxy server to encrypt the outgoing and
incoming SIP2 traffic.

* Writing a custom external script that would handle the whole auth
process: SSHing into our SIP server and seeing if the user is legit.
Here's what EZProxy has to say about this type of option:
http://www.oclc.org/support/services/ezproxy/documentation/usr/external.en.html
-- I'd have to write some code to handle the SIP auth rather than
using EZProxy's built-in option, but my ILS has pretty good
documentation for its SIP implementation.

Am I missing some simpler option?  Our EZProxy is running on a Windows
machine, by the way, and we use Evergreen as our ILS.  I'd love any
advice or suggestions that you seasoned EZProxy experts can share.

Appreciatively,

  -Jane

-- 
Jane Sandberg
Electronic Resources Librarian
Linn-Benton Community College
[log in to unmask] / 541-917-4655