Versions Compared

Old Version 19

changes.mady.by.user David Walker

Saved on

compared with

New Version Current

changes.mady.by.user David Walker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

About

Staff need to be able to login to Alma and end-users need to be able to login to Primo to perform tasks.  Adopting a systemwide approach allows us to streamline the process for setting-up authentication.  It also allows us to coordinate this work with the related task of automating the loading of patron data from PeopleSoft to Alma.

Information needed from each campus

Ex Libris would like two things from each campus:

  1. The ‘release attribute’ (read: field in the user data) that will serve as the ‘match point’ between Shibboleth and Primo/Alma.
  2. A set of test credentials so they can assist with testing.

 You can send the test credentials to David.

 Release Attribute

We recommend surveying the options below and consulting with your campus identity management contact before making a decision.  If you are unsure who that is at your campus, check the contacts at the bottom of this page. 

Info
Users will always login to Shibboleth with their campus username and password regardless of which release attribute you choose.  The release attribute is simply the identifier Shibboleth will send to Primo behind the scenes to match the user record in Alma.

1. PeopleSoft ID

With this option, only users with an existing entry in PeopleSoft can login to Primo via Shibboleth. 

Any library user who does not have an existing entry in PeopleSoft (e.g., community borrowers, potentially some auxiliary users) will need to be added to Alma as an 'internal' user, and will login to Primo using the 'internal' login instead of via Shibboleth.

If you want to proceed with this option, your campus Shibboleth administrator can follow the directions here and you can begin testing immediately.

2. Campus username

With this option, any user with a campus username can login to Primo via Shibboleth.

Any other library user who does not have a campus username (e.g., community borrowers) will need to be added to Alma as an 'internal' user, and will login to Primo using the 'internal' login instead of via Shibboleth.

This option potentially covers a slightly larger pool of users than the option above, but will require extra work, and so comes with two significant caveats.  Read these carefully.

  1. This option could be useful if your campus has a fairly sizeable number of affiliated people outside of PeopleSoft who are loaded into both Alma and Shibboleth.  If these users are not loaded into both systems, you gain nothing by choosing this option.
  2. To ensure that this option works, every user in Alma must have a campus username.  And therefore the automated patron data load will also need to include a username for each user.  The centrally-developed patron data load process is getting its data from PeopleSoft.  So, if you want to use this authentication option and also rely on the centrally-developed patron load process, you will need to ensure that your campus stores usernames in PeopleSoft.  If they do not, you’ll need to work with your campus on a local patron data load process.

Users who are not in PeopleSoft but have a campus username can be added to Alma either manually or through a separate automated process.  Either way, they can still login to Primo via Shibboleth.

If you want to proceed with this option, please let us know which Shibboleth attribute will be the match point (your Shibboleth administrator should know this).  We’ll need to inform Ex Libris of this decision so they can make a change on their end.  And then your Shibboleth administrator can follow the directions here and you can begin testing.

Major Milestones

StageComplete ByStatusMeet with Chancellor's Office Identity Management Group and vanguard campuses (Fresno, San Jose, Northridge) to discuss project.

 

StatuscolourGreentitleCompletedMeet with Ex Libris to discuss options for Shibboleth.

 

StatuscolourGreentitleCompletedAll campus Primo SPs registered with InCommon

 

StatuscolourGreentitleCompletedInitial testing of Shibboleth with Chancellor's Office.

 

StatuscolourGreentitleCompletedIntroduce campus Identity Management groups to project

 

StatuscolourGreentitleCompletedMeet with library project managers to discuss how best to move this task forward.

 

StatuscolourGreentitleCompletedGet a list of campus identity management contacts

 

StatuscolourGreentitleCompletedCampus Primo instances made available

 

Status
colourBlue
titleIn-Progress

Check-in with campus identity management and library staff on progressTBD

Status
colourBlue
titleIn-Progress

All campus Primo and Alma instances set-up

 

Status
colourRed
titleNot started

Documentation

Meeting Notes:

Documentation

This documentation is for your Shibboleth administrator.  They will need to modify the Shibboleth configuration to work with Alma.  Alma should already be configured to support Shibboleth.


Project Team

Dolph Chaney (Project Manager)
Dolph.Chaney@exlibrisgroup.com

James Tapia (Shibboleth)
James.Tapia@exlibrisgroup.combrandon dudley (Unlicensed), Lauren Magnuson (Unlicensed)
RoleName
Project lead

David Walker

Chancellor's Office Contacts

Marcus Mizushima (Shibboleth)
mmizushima@calstate.edu

Michael Trullinger (Dir. Tech Infr.)
mtrullinger@calstate.edu

Carol Kiliany (Project Manager)
ckiliany@calstate.edu

Ex Libris ContactsInformed / Other Stakeholders

Wei Dai
Wei.Dai@exlibrisgroup.com

Campus Contacts


Contact

Campus

TitleEmailPhone
Trullinger, MichaelCO-ITSAssociate Director, Identity and Access Management mtrullinger@calstate.edu562-951-4295
Mizushima, MarcusCO-ITSLead Identity Management Analystmmizushima@calstate.edu562-951-4532
Kilingenstein, NateCO-ITSIdentity Mangment Analyst nklingensein@calstate.edu562-951-4286
Kiliany, CarolCO-ITSProject Managerckiliany@calstate.edu562-951-4214
Fleming, MichaelBakersfieldNetwork Analystmfleming@csub.edu661-654-2118
Aquino, HerbChannel IslandsManager, IT Infrastructureherb.aquino@csuci.edu805-437-8550
Miller, AndyChicoSenior Director, Enterprise Applicationslamiller@chico.edu530-898-3169
Chang, Bill Dominguez HillsDirector, Enterprise Applicationsbchang@csudh.edu310-243-3702 
Lim, GeneEast BayDir, Sys & Infrastructure Enggene.lim@csueastbay.edu510-885-7283
Mize, MikeFresnoOperating Systems Team Leadmikem@csufresno.edu559-278-3923
Luzzi, JoeFullertonIT-Enterprise Resource Planningjluzzi@exchange.fullerton.edu657-278-3251 
Callahan, JoshHumboldtInformation Security Officerjosh.callahan@humboldt.edu707-826-3815
Santana, JesseLong BeachDir, Servers, Systems&Web SvcsJesse.Santana@csulb.edu562-985-4750
Lee, MichaelLos AngelesAssociate Director, CMS and Enterprise Systemsmlee40@cslanet.calstatela.edu323-343-2651 
Sosa, PaulMaritime AcademyOperating Sys Analystpsosa@csum.edu707-654-1728 
Mann, StevenMonterey BayAssociate Director of Network Servicessteven.mann@csumb.edu831-582-4533
Jeff ArltMoss LandingNetwork Administratorjarlt@mlml.calstate.edu831-771-4425
Krezwinski, KevinNorthridgeDirector, Applications Developmentkevin.krezwinski@csun.edu818-677-5911
Arboleda, AlPomonaChief Technology Officeraarboleda@cpp.edu909-979-6449
Pike, BrennanSacramentoIdentity Management Leadpikejb@csus.edu916-278-7635
Torner, JavierSan BernardinoInformation Security Officerjtorner@csusb.edu909-537-7720
Jeffers, MarcusSan DiegoLead Identity Management Analystmjeffers@mail.sdsu.edu619-594-5432
Nagore, Basha San FranciscoIdentity Management Analystnagore@sfsu.edu415-405-4346
Cook, MikeSan JoseDir. Identity, Sec. & Ent Compmike.cook@sjsu.edu408-924-1705
Malone, DanSan Luis ObispoIdentity Architectdmalone@calpoly.edu805-756-6326
Margo LopezSan MarcosDirector, Systems Integration and Identity Managementmargo@csusm.edu760-750-4786
Brian BiggsSonomaAnalyst/Programmerbrian.biggs@sonoma.edu707-664-2047
Cardoza, CoreyStanislausAnalyst/Programmerccardoza@csustan.edu209-667-3731