Document Type

Article

Publication Date

3-29-2024

Publication Source

Journal of Library Administration

Abstract

University of Dayton Libraries added Shibboleth as an additional form of authentication for its licensed e-resources beginning in summer 2023. A major impetus for pursuing Shibboleth are the upcoming web browser changes that will obfuscate users’ IP addresses, set to occur in later 2023 and 2024 and something which will likely disrupt on-campus IP range access via EZproxy. Implementation of Shibboleth for an initial round of fifty-five e-resource platforms was relatively quick as a result of the University of Dayton’s participation in the InCommon Federation of U.S. higher education institutions, also known as an “authentication federation.” Methods for achieving the implementation involved entering Shibboleth entities within vendors’ admin portals or working with the vendor representatives via email. Contrary to our previous understanding of Shibboleth, this implementation did not require extensive work on our end with our central IT office and typically required us to provide only a handful of entities directly to the vendor (all of which are anonymous entities). This article aims to share our workflow and lessons learned in the hope that other InCommon member institutions can follow suit.

Inclusive pages

1–24

ISBN/ISSN

1540-3564

Document Version

Postprint

Comments

The document available for download is the authors' accepted manuscript, provided in compliance with the publisher's policy on self-archiving. Permission documentation is on file.

To view the version of record, use the DOI: https://doi.org/10.1080/01930826.2024.2330862

This document carries the Creative Commons Attribution Noncommercial license.

Publisher

Taylor & Francis Group

Volume

64

Issue

4

Peer Reviewed

yes

Keywords

Shibboleth, EZproxy, federated authentication, browser privacy, identity management

Download

Share

COinS