Nice example of a short, but definitive document on what journal vendors must or should do to get contracts with UC system. Includes definitions, terms, and required or preferred technologies -- including shib and openURL.

ScienceDirect's page on shib and openurl linking.

Shibboleth is fully supported as a custom authentication option for Blackboard Learning System on UNIX operating systems. Due to the experimental nature of the underlying Shibboleth technologies, and limited operational expertise available for Shibboleth, Blackboard recommends customers consider running a restricted, pilot implementation on a test or development server before making this feature generally available on their system.

David Wasley described the Univ. of California's testing of a Shibboleth-enabled SFX server (from Ex-Libris), Barry Ribbeck described UTH-HSC's use of a Shibboleth-enabled Blackboard Course Management System, and John Paschoud described Shibboleth use at the London School of Economics.

Information on Shib enabled applications and services that includes SFX, Blackboard, EZProxy and several of our large ejournal vendors (ScienceDirect, Ebsco, OCLC, JStor, Proquest).  This page is up to date.

Project page from the University System of Maryland.

How can the libraries benefit from shibboleth?

• The most obvious and immediate benefit that the libraries could have from a shibboleth implementation is a single sign on between their services. These services include, but are not limited to, Researchport, EZProxy, SFX, ILLiad, and Aleph (the library catalog). Other services that may be included in the future are fedora, digitool and drum.
• Secure method of authentication. All communication is over SSL, secured channels.
• Patron privacy protection. Shibboleth has the ability to control the amount of information that the identity provider releases to the service provider about the patron. For instance, in order for EZProxy to authorize a user, the identity provider only has to provide that the user is a member of the institution without any personal information about the end user.
• Future integration with institutional portals and SSO. Shibboleth provides standard protocols of communications that could be implemented at the institutional level. This would allow patrons not to have to learn a separate log in for library services.
• Access control to online databases. This would require online databases to implement shibboleth as service providers, but some online resources are doing this already.

 

InCommon eliminates the need for researchers, students, and educators to maintain multiple, password-protected accounts. Online service providers no longer build and manage account provisioning systems. InCommon uses innovative Shibboleth® authentication and authorization systems to enable cost-effective, privacy-preserving collaboration among its community of participants.

Shibboleth is an Internet2/MACE project to support inter-institutional sharing of web resources subject to access controls.¹ EZproxy 3.4a contains built-in support to support that allows EZproxy to act as a Service Provider (SP), allowing EZproxy to accept user authentication and authorization information from your institution's Identity Provider (IdP) and to map that information into corresponding EZproxy authorizations.

Configuring EZproxy for Shibboleth requires careful coordination with your Identity Provider (IdP) administrator. You may need to install a separate SSL certificate that EZproxy will use when communicating with the IdP to request attribute information.

Shibboleth is standards-based, open source middleware software which provides Web Single SignOn (SSO) across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.