...
in this case the user is not provided with Federated access and is permitted via her IP address.
The USER: you with EZproxy local credential (in this way you get the authorised IP address)
The EZproxy portal is: https://ezproxy.fi.infn.it/
The federated resource is: https://sp24-test.garr.it/i...
The not federated resource is https://sp24-test.garr.it/i... (access permitted only through the IP of the proxy)
- login to "Local access to Library services:" in order to get the local IP address of the proxy
- Choose FR https://sp24-test.garr.it/i...
- note the URL on the address bar of the browser. Your SAML SSO session is active:
- if you see ezproxy.fi.infn.it, then your page is rewrited by proxy and you get the page from the Resource via IP addr authorization
- if you dont see ezproxy.fi.infn.it, this means that you got a SAML SSO session, based on IP addr authentication provided by Shibboleth
- note the URL on the address bar of the browser. Your SAML SSO session is active:
- Choose NFR https://sp24-test.garr.it/i...
- note the URL on the address bar of the browser. You are permitted to access thanks to the rewriting rule of the proxy nd you get the page from the Resource via IP addr authorization
Benefts
- A user use only one unified method of authentication to access both federated and not federated resources
- For each resource the Library logs the access in a unified way. If a Resource is federated, only federated access will be allowed, and IP based auth wont be permitted anymore. If a Resource is not federated, the user gets the access via IP address auth, and the proxy will log the access o that resource in this way.
...