ScienceDirect now available through the Federation
Initially posted on Wednesday, 5 April 2006
Provides access to over 1500 scientific, technical & medical peer-reviewed journals from Elsevier Science and other publishers – search over 40 million abstracts from scientific articles, link out to articles from over 80 other publishers.
| Org. | Service | Shib. | Attribute | Notes | Required |
|---|---|---|---|---|---|
| Elsevier Science | ScienceDirect | eduPersonTargetedID | 2,6 | No | |
WAYFless URL: If your Shibboleth SSO service URL is https://shib.some-institute.edu/shibboleth-idp/profile/Shibboleth/SSO, and you want to point your users to the main page of the journal Cell on ScienceDirect(http://www.sciencedirect.com/science/journal/00928674) then the session initiation URL or WAYFless URL for this is:
https://shib.some-institute.edu/shibboleth-idp/profile/Shibboleth/SSO?target=https%3A%2F%2Fwww.sciencedirect.com%2Fscience%2Fjournal%2F00928674&shire=https%3A%2F%2Fsdauth.sciencedirect.com%2FSHIRE%2FSAML%2FPOST&providerId=https%3A%2F%2Fsdauth.sciencedirect.com%2F
In principle, all ScienceDirect URLs can be used as target URLs, however it is safest to use ScienceDirect’s published set of persistent “Short Cut” URLs to link to specific pages in the site as these are guaranteed not to change (again - bear in mind to use the https:// prefix). For more information on persistent ScienceDirect URLs, go here: http://info.sciencedirect.com/implementation/linking/.
This service is available for subscription to UK HE, FE & research councils through JISC Collections.
Notes:
2. Many services can make use of the eduPersonTargetedID attribute. This is a persistent opaque identifier, which enables service personalisation (remembering data about a user over different login sessions) without the service provider knowing who the user is. If the identity provider supplies the eduPersonTargetedID attribute, the session is treated similarly to an Athens personal account. Otherwise, the service's personalisation features (e.g., saved searches) may be disabled, though the service will still function in the same way as with Athens shared accounts. With some services (e.g., Zetoc Alert) this attribute is mandatory. If so, it is marked as "Required/Yes" in the table in Attribute Usage.
A Shibboleth identity provider can generate the opaque eduPersonTargetedID attribute automatically from some other stored attribute that holds the user id in the clear. All values of the stored attribute must be unique, and, preferably, not subject to reuse. If the only suitable available stored attribute might be reused then care must be taken (particularly for organisations asserting user accountability) to ensure that no value of that attribute is reallocated to another user for at least two years after being cancelled.
The actual modification depends on the contents of your directory, but if there is a suitable attribute in the directory called, say, "uid" then you should modify your resolver.xml file to include the following:
<PersistentIDAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonTargetedID"
scope="SSSSSSSS" sourceName="uid">
<DataConnectorDependency requires="directory"/>
<Salt>XXXXXXXXXXXXXXXXXXXXXXX</Salt>
</PersistentIDAttributeDefinition>
Replace the scope "SSSSSSSS" with the domain for which the attribute is to be asserted, e.g., "uni.ac.uk". The <Salt> is a constant, arbitrary value that you should choose once and keep secret. The value must be at least 16 characters long, otherwise the software will silently ignore it and expect the value to be supplied from a Java keystore. The Salt value is used to generate the persistent opaque identifier from the scope and some other attribute, normally the user id (assumed in the example above to exist within the directory as an attribute called "uid"). Its purpose is to prevent attempts to work back from the opaque identifier to the user's identity by combining knowledge of the scope and the hash function used with an exhaustive search of the possible user ids.
The default Shibboleth attribute release policy does not release eduPersonTargetedID. You must therefore manually edit the arp.site.xml file to enable this feature, as described under Attribute Release below.
Please note a caveat about the definition of eduPersonTargetedID in some older versions of the resolver.xml file.
6. Some services (e.g., ScienceDirect) grant access based on the name (entityID) of the identity provider used, rather than on the basis of user attributes. Therefore, it is not necessary to release any user attributes to such services to gain basic access, though some services may make use of additional attributes if they are supplied; for example, ScienceDirect can make use of eduPersonTargetedID.