Versions Compared

Old Version 18

changes.mady.by.user David Walker

Saved on

compared with

New Version Current

changes.mady.by.user David Walker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

About

Staff need to be able to login to Alma and end-users need to be able to login to Primo to perform tasks.  Adopting a systemwide approach allows us to streamline the process for setting-up authentication.  It also allows us to coordinate this work with the related task of automating the loading of patron data from PeopleSoft to Alma.

Primary Considerations

Ex Libris would like two things from each campus:

  1. The ‘release attribute’ (read: field in the user data) that will serve as the ‘match point’ between Shibboleth and Primo/Alma.
  2. a set of test credentials so they can assist with testing.

 You can send the test credentials to David.

 Release Attribute

We recommend surveying the options below and consulting with your campus identity management contact before making a decision.  If you are unsure who that is at your campus, check the contacts at the bottom of this page. 

Info
Users will always login to Shibboleth with their campus username and password regardless of which release attribute you choose.  The release attribute is simply the identifier Shibboleth will send to Primo behind the scenes to match the user record in Alma.

1. PeopleSoft ID

With this option, only users with an existing entry in PeopleSoft can login to Primo via Shibboleth. 

Any library user who does not have an existing entry in PeopleSoft (e.g., community borrowers, potentially some auxiliary users) will need to be added to Alma as an 'internal' user, and will login to Primo using the 'internal' login instead of via Shibboleth.

If you want to proceed with this option, your campus Shibboleth administrator can follow the directions here and you can begin testing immediately.

2. Campus username

With this option, any user with a campus username can login to Primo via Shibboleth.

Any other library user who does not have a campus username (e.g., community borrowers) will need to be added to Alma as an 'internal' user, and will login to Primo using the 'internal' login instead of via Shibboleth.

This option potentially covers a slightly larger pool of users than the option above, especially if your campus has a fairly sizeable number of affiliated people outside of PeopleSoft and also assigns those users a campus username. 

However, to ensure that this option works, every user in Alma must have a campus username.  And therefore the automated patron data load will also need to include a username for each user.  The centrally-developed patron data load process is getting its data from PeopleSoft.  So, if you want to use this authentication option and also rely on the centrally-developed patron load process, you will need to ensure that your campus stores usernames in PeopleSoft.  If they do not, you’ll need to work with your campus on a local patron data load process.

Users who are not in PeopleSoft but have a campus username can be added to Alma either manually or through a separate automated process.  Either way, they can still login to Primo via Shibboleth.

If you want to proceed with this option, please let us know which Shibboleth attribute will be the match point (your Shibboleth administrator should know this).  We’ll need to inform Ex Libris of this decision so they can make a change on their end.  And then your Shibboleth administrator can follow the directions here and you can begin testing.

Major Milestones

StageComplete ByStatusMeet with Chancellor's Office Identity Management Group and vanguard campuses (Fresno, San Jose, Northridge) to discuss project.

 

StatuscolourGreentitleCompletedMeet with Ex Libris to discuss options for Shibboleth.

 

StatuscolourGreentitleCompletedAll campus Primo SPs registered with InCommon

 

StatuscolourGreentitleCompletedInitial testing of Shibboleth with Chancellor's Office.

 

StatuscolourGreentitleCompletedIntroduce campus Identity Management groups to project

 

StatuscolourGreentitleCompletedMeet with library project managers to discuss how best to move this task forward.

 

StatuscolourGreentitleCompletedGet a list of campus identity management contacts

 

StatuscolourGreentitleCompletedCampus Primo instances made available

 

Status
colourBlue
titleIn-Progress

Check-in with campus identity management and library staff on progressTBD

Status
colourRed
titleNot started

All campus Primo and Alma instances set-up

 

Status
colourRed
titleNot started

Documentation

Meeting Notes:

  • SSO / PeopleSoft Discussion (w/CO)
    • 2015-11-04 Meeting notes

    Documentation

    This documentation is for your Shibboleth administrator.  They will need to modify the Shibboleth configuration to work with Alma.  Alma should already be configured to support Shibboleth.


    Project Team

    Dolph Chaney (Project Manager)
    Dolph.Chaney@exlibrisgroup.com

    James Tapia (Shibboleth)
    James.Tapia@exlibrisgroup.combrandon dudley (Unlicensed), Lauren Magnuson (Unlicensed)
    RoleName
    Project lead

    David Walker

    Chancellor's Office Contacts

    Marcus Mizushima (Shibboleth)
    mmizushima@calstate.edu

    Michael Trullinger (Dir. Tech Infr.)
    mtrullinger@calstate.edu

    Carol Kiliany (Project Manager)
    ckiliany@calstate.edu

    Ex Libris ContactsInformed / Other Stakeholders

    Wei Dai
    Wei.Dai@exlibrisgroup.com

    Campus Contacts


    Contact

    Campus

    		TitleEmailPhone
    Trullinger, MichaelCO-ITSAssociate Director, Identity and Access Management mtrullinger@calstate.edu562-951-4295
    Mizushima, MarcusCO-ITSLead Identity Management Analystmmizushima@calstate.edu562-951-4532
    Kilingenstein, NateCO-ITSIdentity Mangment Analyst nklingensein@calstate.edu562-951-4286
    Kiliany, CarolCO-ITSProject Managerckiliany@calstate.edu562-951-4214
    Fleming, MichaelBakersfieldNetwork Analystmfleming@csub.edu661-654-2118
    Aquino, HerbChannel IslandsManager, IT Infrastructureherb.aquino@csuci.edu805-437-8550
    Miller, AndyChicoSenior Director, Enterprise Applicationslamiller@chico.edu530-898-3169
    Chang, Bill Dominguez HillsDirector, Enterprise Applicationsbchang@csudh.edu310-243-3702 
    Lim, GeneEast BayDir, Sys & Infrastructure Enggene.lim@csueastbay.edu510-885-7283
    Mize, MikeFresnoOperating Systems Team Leadmikem@csufresno.edu559-278-3923
    Luzzi, JoeFullertonIT-Enterprise Resource Planningjluzzi@exchange.fullerton.edu657-278-3251 
    Callahan, JoshHumboldtInformation Security Officerjosh.callahan@humboldt.edu707-826-3815
    Santana, JesseLong BeachDir, Servers, Systems&Web SvcsJesse.Santana@csulb.edu562-985-4750
    Lee, MichaelLos AngelesAssociate Director, CMS and Enterprise Systemsmlee40@cslanet.calstatela.edu323-343-2651 
    Sosa, PaulMaritime AcademyOperating Sys Analystpsosa@csum.edu707-654-1728 
    Mann, StevenMonterey BayAssociate Director of Network Servicessteven.mann@csumb.edu831-582-4533
    Jeff ArltMoss LandingNetwork Administratorjarlt@mlml.calstate.edu831-771-4425
    Krezwinski, KevinNorthridgeDirector, Applications Developmentkevin.krezwinski@csun.edu818-677-5911
    Arboleda, AlPomonaChief Technology Officeraarboleda@cpp.edu909-979-6449
    Pike, BrennanSacramentoIdentity Management Leadpikejb@csus.edu916-278-7635
    Torner, JavierSan BernardinoInformation Security Officerjtorner@csusb.edu909-537-7720
    Jeffers, MarcusSan DiegoLead Identity Management Analystmjeffers@mail.sdsu.edu619-594-5432
    Nagore, Basha San FranciscoIdentity Management Analystnagore@sfsu.edu415-405-4346
    Cook, MikeSan JoseDir. Identity, Sec. & Ent Compmike.cook@sjsu.edu408-924-1705
    Malone, DanSan Luis ObispoIdentity Architectdmalone@calpoly.edu805-756-6326
    Margo LopezSan MarcosDirector, Systems Integration and Identity Managementmargo@csusm.edu760-750-4786
    Brian BiggsSonomaAnalyst/Programmerbrian.biggs@sonoma.edu707-664-2047
    Cardoza, CoreyStanislausAnalyst/Programmerccardoza@csustan.edu209-667-3731