Shibboleth FAQ

Do you support Shibboleth-only authentication?

BrowZine operates as a technology overlay which facilitates connections to a library’s existing subscribed sources and does not hold any of this content itself.  One of our goals in building BrowZine is to make the user experience as seamless as possible to connect authenticated users with content and authentication plays a big part in doing this.

With a proxy system, the user can login once, initiate a proxy session and then get full access to all entitlements with no other intervention with the proxy.  This allows us to easily build URL's on the fly which we can be assured will connect with the publishers who, by identifying the IP, provide appropriate entitlements.

Shibboleth on its own, for all its benefits, does not excel at the above use case.  Unfortunately, every publisher has a different way to start the Shibboleth session which usually involves clicking through a few screens to identify a library’s federation (though sometimes you can create WAYF-enabled URL's as well to help with this) and then there are still publisher/sources that do not support Shibboleth at all.  Many institutions who primarily use Shibboleth or another federated technology wind up running a proxy server for at least some sources to provide full coverage for off-campus users.

Because of all of this relative complexity, to do what BrowZine is known for, we would need to create a rather bespoke set of configurations for ALL an institution’s sources which is out of scope for the design of BrowZine.  In particular, when we compare this to VPN or Proxy-based systems which need just one URL prefix for all sources to work and compare it to worldwide norms, there are very few institutions who do not use a proxy/VPN system alongside a federated system.  

I heard we use Shibboleth in our authentication.  How do I know if we are compatible?

Many institutions around the world embrace Shibboleth as a Single-Sign On (SSO) Identity Provider (IdP) to enable access to resources used all over campus including email, courseware, scientific web resources, library resources and more.  However, because of the limitations described above for the user experience when accessing library resources, as well as the lack of full support from all publishers, many libraries choose to make the Service Provider (SP) not the Publisher, but instead the Proxy Server.  Thus, the IdP is enabling access to the proxy (SP) so that the proxy may be used to complete the “transaction” that the user is requesting such as access to a subscribed journal.

This leads to much confusion in the library world about what “using Shibboleth” really means when discussed in terms of authentication technology.  Whether you are using the publishers as the SP’s or the proxy, you are still “using Shibboleth” but BrowZine only supports situations where Shibboleth is authenticating the proxy.

How can I tell if my library is using a proxy authenticated by Shibboleth?

The easiest way to tell is if the domain has a proxy inserted in it after authentication from off-campus.  From your library’s home page, find a database for content behind a paywall and click the link.  If you are presented with a login screen, login.  Now take a look at the resulting URL.  If it has been “transformed” in some way to insert some additional subdomains, you are running a proxy.


EZProxy style:

WAM Proxy style:

If instead, the link looks like:

You are not running a proxy and thus incompatible with BrowZine.  

If you have any questions or find that you are running a “Shibboleth-Only” authentication system, please contact us for additional access options.

Library Configuration and FAQ

  1. About the BrowZine Taxonomy
  2. Your Institution Logo in BrowZine
  3. Publisher EZProxy Definitions and Common Issues
  4. EZProxy Configuration Instructions
  5. WAM Proxy Configuration Instructions
  6. Proxy Auto-Configuration (PAC) file Configuration Instructions
  7. Proxy Configuration Instructions
  8. How does authentication work with the BrowZine app? (iOS & Android)
  9. What is a Proxy Server and how does it work?
  10. What Proxy Servers do you Support?
  11. OpenAthens FAQ
  12. Shibboleth FAQ
  13. Does BrowZine support VPN? (iOS, Android & Web)
  14. EZProxy: Proxy by port or Proxy by Domain?
  15. Overview of the BrowZine Pairing Service (iOS & Android)
  16. LibGuide Integrations
  17. RefWorks and BrowZine (iOS & Android)
  18. BrowZine Marketing Widget - Integration Issues and FAQ
  19. BrowZine Marketing Widget - iFrame Workaround
  20. BrowZine Marketing Widget - Whitelabel Edition
  21. Getting Started with your Trial / Subscription (iOS, Android & Web)
  22. Inter-Library Loan / Link Resolvers and BrowZine (All Platforms)
  23. How do I integrate BrowZine's journal title/ISSN lookup into my library webpage?
  24. BrowZine Web & LibKey Accessibility
  25. How to integrate BrowZine within Primo
  26. How to integrate BrowZine with Summon
  27. How to integrate BrowZine within EBSCO Discovery Service (EDS)
  28. How to integrate BrowZine within OCLC WorldCat Discovery
  29. Creating a drop-down menu with BrowZine Durable URL's in HTML
  30. Extended A-Z BrowZine Web Search to cover all Library Titles
  31. BrowZine API Functionality
  32. BrowZine and OpenAthens Overview
  33. Finding your OpenAthens Redirector URL
  34. How do I add a BrowZine's journal title/ISSN search box to my OpenAthens home page?
  35. How To Find Your Primo Link Resolver Base URL
  36. Determining your ProQuest ID
  37. List of Domains to Whitelist for BrowZine and LibKey Operation

Feedback and Knowledge Base