Recommended Changes for III Authentication with EZproxy 4.0a

EZproxy 4.0a records an error to messages.txt/ezproxy.msg when PartialNameMatch and certain forms of Test are used. These errors can be ignored and are corrected in EZproxy 4.0b.

When updating to EZproxy 4.0a GA (2006-08-02) or later, OCLC recommends that sites that use III authentication and do not currently handle the Refused, Invalid, or Expired conditions add the line:

IfRefused; Deny irefused.htm
IfExpired; Deny iexpired.htm
IfUnauthenticated; Stop


after the Host line to retain the behavior of the older version and to minimize the interaction with other user.txt/ezproxy.usr directives.

OCLC also recommends changing the action Allow to Stop. Allow and Stop perform the same function, with Allow implying access wiil be provided when in reality this is not always the case.

An example of applying these updates is to change this existing configuration:

::III
Host iii.mylib.org
IfType 100,105,110; Allow
Deny itype.htm
/III


to this:

::III
Not IfUser -RE [0-9]+; Stop
Host iii.mylib.org
IfRefused; Deny irefused.htm
IfExpired; Deny iexpired.htm
IfUnauthenticated; Stop
IfType 100,105,110; Stop
Deny itype.htm
/III


This configuration also adds a "Not IfUser" directive to validate that your barcodes contain only digits. If you use barcodes that contain more than just digits, exclude the "Not IfUser" for now and contact support@oclc.org for help constructing a filter for your barcodes.

If you are unclear how to apply these changes to your configuration, please contact support@oclc.org for assistance.