self-registration of non-institute patron identifiers in aleph
TRANSCRIPT
Self-registration of non-institute patron identifiers in Aleph
Agenda
Aleph identifiers and aliases
Touchstone: two Identity Providers
Aleph’s handling of regular patrons
Collaboration Accounts Management System
Aleph’s handling of CAMS patrons
The primary problem and its solution
Staff Training 2014Page 2
Glossary of terms
CAMS: Collaboration Accounts Management System.
Aleph ID: A number that identifies a patron in Aleph.
Alias: A synonym for an aleph id.
API: Application Programming Interface.
X-server: An Aleph API.
Staff Training 2014Page 3
Glossary of terms
Shibboleth: Federated ID management software.
Touchstone: MIT’s branding of Shibboleth.
IdP: Identity Provider (Shibboleth)
SP: Service Provider (Shibboleth)
Staff Training 2014Page 4
Identifiers and Aliases in Aleph
What are they?
How does Aleph use them?
Staff Training 2014Page 5
Aleph identifiers – Z308
Z308_REC_KEY Z308_ID
50481 50481
29080005932917 50481
900059159 50481
[email protected] 50481
Staff Training 2014Page 6
Touchstone review
Temporary redirect to the login page
Identifier returned to the application
User redirected back to original target
Staff Training 2014Page 7
Production IdP(Kerberos accounts)
idp.mit.edu
Collaboration Accounts Management System IdP
(CAMS)
idp.touchstonenetwork.net
Aleph
Touchstone Touchstone
Points to remember aboutregular patron handling
Everybody is a number in Aleph.
Aleph uses aliases for alternate ways of identifying a patron.
Aliases must be explicitly defined before use, and require two pieces of information: the alias character string,
the corresponding aleph id number.
Since Kerberos ids are predictable, the loader scripts set up all required aliases for patrons who have a Kerberos id.
Staff Training 2014Page 10
CAMS review
CAMS IdP
1. Open to the world for self-registration
2. No privileges attached
3. Id must be a valid email address, but NOT one with ‘mit.edu’ domain
4. Identifier returned from authentication is NOT predictable.
Staff Training 2014Page 11
New manually-registered patron
Circ staff member
1. creates the patron’s new Aleph id2. creates a library card with a barcode 3. adds the barcode to the Aleph record as an
alias4. presents the library card to the patron
Staff Training 2014Page 12
Aleph identifiers – Z308
Non-institute patron’s aliases when the card is issued.
Z308_REC_KEY Z308_ID
12345 12345
11111111111111 12345
Staff Training 2014Page 13
Collaboration Accounts Management System IdP
(CAMS)
idp.touchstonenetwork.net
Aleph
Touchstone
Your Account
<unknown>
Solving the alias problem
A tale of two scripts:
1. alcams1.cgi
2. alcams2.cgi
Staff Training 2014Page 15
Overview of the process
If the patron requests access to Your Account, two operations accomplish the task.
1. Circ staff runs the alcams1.cgi script from a form, which constructs a magic URL and emails it to the patron.
Staff Training 2014Page 16
Details of alcams2.cgi - 1
At a convenient time and place the patron registers his or her Shibboleth (CAMS) identifier by clicking the magic URL that was sent from alcams1.
Example of a magic URL:
http://library.mit.edu/shib/alcams2.cgi?parm=94451594151565253505
Staff Training 2014Page 17
Aleph identifiers – Z308
Z308_REC_KEY Z308_ID
50481 50481
29080005932917 50481
900059159 50481
[email protected] 50481
[email protected] 50481Staff Training 2014Page 18
Details of alcams2.cgi - 2
Alcams2.cgi combines four things:
1. Access to patron’s CAMS identifier.
2. Access to the patron’s Aleph id.
3. Writeable access to Aleph for updating z308 table.
4. Convenience and privacy for the patron.
Staff Training 2014Page 19
Experiment
CAMS identifiers can be created and used with regular Aleph patron accounts.
Try the CAMS experience yourself
1. Ask the circ staff to generate the instructional email for your Aleph id.
2. Follow the steps in the email and experience what non-institute patrons experience.
3. Tell me about any difficulties.
Staff Training 2014Page 20
Useful links
Creating a Collaboration account: http://kb.mit.edu/confluence/display/istcontrib/Creating+a+Touchstone+Collaboration+Account
Touchstone at MIT: http://ist.mit.edu/touchstone
Staff Training 2014Page 21
