EZproxys supports Single-Sign-On User Authentication for ebrary, and this is the preferred method for access. In this configuration, EZproxy does not proxy access to ebrary, but instead uses an ebrary API to authenticate users directly to ebrary. This replaces the ebrary sign-in process and provides an automatic personalized ebrary bookshelf. Single-Sign-On also improves performance and reduces proxy traffic, as the user interacts directly with ebrary and not through EZproxy.
EZproxy also supports proxy access to ebrary, though this is not the preferred method. If you require this option, contact ebrary Customer Support at email@example.com.
The configurations below are compatible with EZproxy V5.7.44 and later. OCLC recommends upgrading to V5.7.44 or newer to use this configuration.
Note: When using the single-sign-on configuration with ebrary, EZproxy will pass your users' username to ebrary during authentication due to the Option ebraryUnecodedTokens directive. The username is considered in some cases to be personally identifiable information (PII).
To activate ebrary Single-Sign-On User Authentication:
Add the following stanza to config.txt:
xxxxx with your ebrary site name.
It is very important that you back up the ezproxy.tkn file on a regular basis; see the section below.
If you are switching from ebrary proxy access to Single-Sign-On, existing user created ebrary bookshelves will need to be migrated to the new automatic bookshelves, ebrary Customer Support will provide additional information.
To maintain persistent identifiers, EZproxy requires unique user login information, and most EZproxy user authentication methods provide such information. AutoLoginIP and referring URL are incompatible since they do not provide unique user information.
Sites that use CGI authentication should insure that they are providing "loguser" information to associate distinct user information. See CGI Authentication for more information, including reference scripts for implementing CGI authentication.
7 line (with SSL certificate)
5 line basic configuration (no SSL certificate, and whenSSL requirement is disabled):