This project allows EZproxy to authenticate users stored in the Ex Libris Identity Service via EZproxy external script authentication.
See this video for a walk-through of installing and configuring the authenticator.
The authenticator can be configured to return an EZproxy group based on the user's group. The configuration takes the form of a "JSON" object such as the below:
{
"Staff": ["ST"],
"Graduate Students": ["GR", "DC"],
"Everyone": ["*"]
}
You can use the value * as a catch-all if you want a default group.
The value should then be compacted and added in the EZPROXY_GROUP_MAPPING environment variable. The compact view removes new lines and spaces:
{"Staff":["ST"],"Graduate Students":["GR","DC"],"Everyone": ["*"]}
In addition, an Alma API key with read access for users is required and should be in the ALMA_APIKEY environment variable.
The easiest way to use this authenticator is to use Amazon Web Services (AWS). AWS has starter and free tiers which make hosting the authenticator nearly free. To deploy to AWS, log into your account (or create a new one). Then follow the instructions below.
- Click on this link to open the AWS console.
- Fill in the specified parameters and check off the boxes in the Capabilities and transforms section and then click the Create stack button
- AWS will create the necessary components. When it's complete, the stack will be in the CREATE_COMPLETE state. Click the Outputs tab to view the URL for the connector. You will use the URL to configure Primo in the following section.
Follow the intructions in the EZproxy documentation to add this line to the user.txt file:
::external=https://********.execute-api.us-east-1.amazonaws.com/,post=user=^u&pass=^p