Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Last revision Both sides next revision | ||
|
ezproxy_maintenance [2023/05/24 13:45] myoungberg Updated OCLC stanza link |
ezproxy_maintenance [2023/12/08 14:46] myoungberg [User File] |
||
|---|---|---|---|
| Line 67: | Line 67: | ||
| We are not currently using include files for the config. DRMS wants to explore this further in the future but for now please place all stanzas directly in the config file. | We are not currently using include files for the config. DRMS wants to explore this further in the future but for now please place all stanzas directly in the config file. | ||
| - | ==== User File ==== | + | ==== User Files ==== |
| - | The user file is less complex than the config file and is primarily used to temporary block NetIDs which have become compromised until IT confirms that the patrons password has been reset. For specific instructions on this process see the Licensing Violations document below. When blocking a patron, format as "netid::deny" | + | **NOTE:** This section has been rewritten as of our September 2023 switch from LDAP tp SSO authentication. Please refer to earlier versions of this page for LDAP documentation. |
| - | To create temporary usernames/passwords for troubleshooting, use the following format: | + | Unlike LDAP authentication, SSO authentication requires two user files: user.txt and shibuser.txt. |
| - | # Context (Name of user, etc.) | + | |
| - | Username:Password | + | |
| - | * Please always preserve the login for EBSCO, Mount Ida, and the temporary EZproxy troubleshooting password. If publishers ask for credentials try and create a unique login and delete it when they are done. | + | |
| - | The username/password for the EZProxy web admin is configured here. **DO NOT DELETE IT.** | + | === user.txt === |
| + | We use this file for two purposes: | ||
| + | * to create **temporary login credentials**, usually for vendors | ||
| + | * to specify **authentication method** | ||
| + | Instructions for how to perform these tasks, including links to OCLC documentation, are included in user.txt. Since the temporary credentials we create in user.txt are not issued by OIT, the SSO login screen will not work. Instead, users with these credentials will need to bypass the SSO login screen. When creating temporary credentials, please provide the following information to the recipient: | ||
| + | * Log in via https://silk.library.umass.edu:443/login?user=username&pass=password | ||
| + | * This link will land you on a menu page, but you'll be logged in and can follow any links from EDS that contain silk.library.umass.edu | ||
| + | |||
| + | === shibuser.txt === | ||
| + | |||
| + | We use this file for two purposes: | ||
| + | * To specify any actions that should apply to **all users** – as of October 2023, the only directive in this category is to log activity using netid@umass.edu as the username instead of shibboleth. | ||
| + | * To specify any actions that should apply to **specific users**. As of October 2023, this includes specifying which users can log into the EZProxy server as admins and temporarily blocking users | ||
| + | Instructions for how to perform these tasks, including links to OCLC documentation, are included in shibuser.txt. | ||
| ==== EZProxy Public Pages (Documents) ==== | ==== EZProxy Public Pages (Documents) ==== | ||
| Patrons primarily experience the EZProxy login page, and may never encounter the various other pages which are mostly reserved for specific EZProxy related errors. These are stored in the "docs" directory of the server. The include the following pages: | Patrons primarily experience the EZProxy login page, and may never encounter the various other pages which are mostly reserved for specific EZProxy related errors. These are stored in the "docs" directory of the server. The include the following pages: | ||
