...
The Circulation Manager occupies the Service Provider (SP) role in the SAML Protocol and authenticates a patron against an Identity Provider (IdP).
Anchor SAML Shobboleth FLow Diagram SAML Shobboleth FLow Diagram
SAML
| SAML Shobboleth FLow Diagram | |
| SAML Shobboleth FLow Diagram |
SAML-based authentication workflow for patrons is depicted on the picture below:
...
Both the Circulation Manager and IdP should have their metadata registered with each other. In the simplest case it can be a Shibboleth environment where SP’s metadata is added to IdP’s configuration and vice versa. However, the better solution would be to register the Circulation Manager in InCommon Federation which would allow to use of any IdPs in the federation.
Anchor SAML EZProxy SAML EZProxy
SAML with EZ Proxy
| SAML EZProxy | |
| SAML EZProxy |
The picture below shows how the workflow looks like in the case when the content is protected by a SAML authentication mechanism: either via SAML proxy or EZProxy with SAML authentication turned on.
...