[Koha] Remote Authentication

Indranil Das Gupta indradg at gmail.com
Fri Jan 15 13:30:19 NZDT 2016


Hello!

I use a simple solution for a few of my clients where they are
accessing e-journals and e-books from their OPAC. Essentially all of
the e-content providers in India offer IP based authentication. So
there is a Squid proxy server on the campus that is available. I have
a few external helper auth scripts for squid that query the Koha db's
borrowers table. This is how it all works in my cases:

1. Library user visits the opac from an on premise desktop using the
Koha OPAC. The e-content records carry the resource links in 856$u

2. The PCs used have an proxy autoconfig file (.pac) file configured
in their network settings. The PAC file is designed to proxy only for
the e-content, for everything else, it is a passthru.

3. When people click the URL in 856$u, the PAC file catches it and
directs the request to the Squid proxy.

4. Squid proxy does not yet know who is requesting, so it dispatches
the request to my custom auth helper script.

5. The auth helper script pops up a http auth dialog on the user's
desktop, where they enter their Koha db user name and password (which
they otherwise use to login into the OPAC)

6. user keys in the credentials. the script takes these and checks
against the Koha DB's borrowers table. if existing and the account has
not been barred due to any reason, it informs SQUID to allow it.

7. User get the requested URL served up on the browser.

Additonally the script maintains login data in the Koha database in a
custom table, which provides accounting. The management and reporting
part is packaged as a Koha plugin.

this helps as now users can even access to their subscribed content
from even outside the campus as these specific requests are routed
through the proxy server which is on the approved IP address block
registered with the content provider.

hope this helps
-idg

On Thu, Jan 14, 2016 at 5:39 PM, SAIACS, Chief Librarian
<library at saiacs.org> wrote:
> Dear Friends,
>
> I would like to hear your experience on authenticating library users from KOHA OPAC to access subscribed content. We are using KOHA 3.18. Your insights will be helpful to develop one for our library. we do subscribe to JSTOR, ebooks from EBSCO and others.
>
> Thanks
>
> Yesan Sellan,  B.Com., MLISc., PGDLAN, UGC-NET., BCS
> Chief Librarian
> South Asia Institute of Advanced Christian Studies (SAIACS)
> 363 Dodda Gubbi Cross Road, Kothanur P.O., Bangalore 77, India
> Phone: 91 80 2846 5235/5344/ 5649, Fax: 91 80 28465412, Mobile: 91-9972348251
> Website: www.saiacs.org Alternative Email: yesans at gmail.com or yesan.sellan at saiacs.org
>
>
> ______________________________________
> IMPORTANT : This message is intended only for the addressee. It may contain confidential information. Any unauthorized disclosure is strictly prohibited. If you have received this message in error, please notify us immediately so that we may correct our internal records. Please then delete the original message. Thank you.
>
>  Please consider the environment before printing this email.
>
>
>
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
>
> _______________________________________________
> Koha mailing list  http://koha-community.org
> Koha at lists.katipo.co.nz
> https://lists.katipo.co.nz/mailman/listinfo/koha



-- 
Indranil Das Gupta

Phone : +91-98300-20971
Blog    : http://indradg.randomink.org/blog
IRC      : indradg on irc://irc.freenode.net
Twitter : indradg

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-
Please exchange editable Office documents only in ODF Format. No other
format is acceptable. Support Open Standards.

For a free editor supporting ODF, please visit LibreOffice -
http://www.documentfoundation.org


More information about the Koha mailing list