EZproxy supports Single-Sign-On User Authentication for ebrary, and this is the preferred method for access. In this configuration, EZproxy does not proxy access to ebrary, but instead uses an ebrary API to authenticate users directly to ebrary. This replaces the ebrary sign-in process and provides an automatic personalized ebrary bookshelf. Single-Sign-On also improves performance and reduces proxy traffic, as the user interacts directly with ebrary and not through EZproxy.

EZproxy also supports proxy access to ebrary, though this is not the preferred method. If you require this option, contact ebrary Customer Support at support@ebrary.com.

The configurations below are compatible with EZproxy V5.7.44 and later. OCLC recommends upgrading to V5.7.44 or newer to use this configuration.

Single-Sign-On Configuration

Note: When using the single-sign-on configuration with ebrary, EZproxy will pass your users' username to ebrary during authentication due to the Option ebraryUnecodedTokens directive. The username is considered in some cases to be personally identifiable information (PII).

To activate ebrary Single-Sign-On User Authentication:

  1. Contact ebrary Customer Support at support@ebrary.com to arrange the ebrary configuration for single-sign-on. For more information about setting up SSO with ebrary, see ebrary's support site: EZproxy Single Sign On (SSO).

  2. Add the following stanza to config.txt:

    Option ebraryUnencodedTokens
    ebrarySite xxxxx
    Host site.ebrary.com
    URL http://site.ebrary.com/lib/xxxxx
    Neverproxy *.ebrary.com 

    replacing xxxxx with your ebrary site name.

  3. Test with ebrary.

It is very important that you back up the ezproxy.tkn file on a regular basis; see the section below.

If you are switching from ebrary proxy access to Single-Sign-On, existing user created ebrary bookshelves will need to be migrated to the new automatic bookshelves, ebrary Customer Support will provide additional information.

Single Sign On Details

User authentication method requirements

To maintain persistent identifiers, EZproxy requires unique user login information, and most EZproxy user authentication methods provide such information. AutoLoginIP and referring URL are incompatible since they do not provide unique user information.

Sites that use CGI authentication should insure that they are providing "loguser" information to associate distinct user information. See CGI Authentication for more information, including reference scripts for implementing CGI authentication.

Using EZproxy without Single-Sign-On (non-SSO):

7 line (with SSL certificate)

Option DomainCookieOnly
Title ebrary
URL http://site.ebrary.com/lib/CHANNELNAME
DJ ebrary.com
Find "site.ebrary.com/
Replace "^psite.ebrary.com^/
Option Cookie

5 line basic configuration (no SSL certificate, and whenSSL requirement is disabled):

Title ebrary
URL http://site.ebrary.com/lib/CHANNELNAME
DJ ebrary.com
Find "site.ebrary.com/
Replace "^psite.ebrary.com^/