====== Single Sign-On Protocols ====== ===== CAS ===== A branch for 2.4 that is specific to University of Windsor: http://git.evergreen-ils.org/?p=contrib/Conifer.git;a=commitdiff;h=88b1d68561e71c18d5d5098cb79ab0ddbaf61ff6 Libraries that have expressed interest: * [[http://markmail.org/message/2dnj7cakwks53buk|Emily Carr University of Art and Design]] * [[http://georgialibraries.markmail.org/thread/inalcs3tkxhp2olq|Kirtland Community College]] * Linn-Benton Community College Existing clients: * There's a Perl client for CAS called [[https://metacpan.org/pod/AuthCAS|AuthCAS]] * There's also an Apache mod: https://wiki.jasig.org/display/CASC/mod_auth_cas ===== LDAP ===== Authentication with LDAP already exists. * Documentation: http://docs.evergreen-ils.org/reorg/3.0/command_line_admin/_authentication_proxy.html * Here are some bugs: https://bugs.launchpad.net/evergreen/+bugs?field.tag=ldap * As of December 2016, [[http://markmail.org/message/bfiad3ficvy6erox|Mohawk College]] and [[http://markmail.org/message/eqaty3kj2omkbuc6|Berklee College of Music]] both use the authentication proxy with LDAP It does not do automatic provisioning of accounts, it just allows users to sign-in using their LDAP credentials if they already have an Evergreen account. * Conifer uses a [[http://git.evergreen-ils.org/?p=contrib/Conifer.git;a=blob;f=tools/patron-load/ldap_osrf_sync;h=c91500a8eac055afedf1e30541923df2000a960b;hb=refs/heads/tools_current|crazy Python script]] to provision accounts; it also generates a barcode for the user and updates the LDAP entry with the new barcode. This code might be a useful starting point for others who want to create their own, but a general utility is unlikely as LDAP attributes vary from organization to organization. ===== OpenAthens ===== * [[dev:proposal:openathens_integration|OpenAthens proposal]] * [[https://georgialibraries.markmail.org/thread/u33y7kkp4vxye7nf|Helpful email thread detailing scope of project]] ===== SAML ===== * As of December 2016, Berklee College of music is [[http://markmail.org/message/eqaty3kj2omkbuc6|interested in moving to SAML]] There's a Perl library: https://metacpan.org/pod/Net::SAML ===== Shibboleth =====