The following section discusses the logon and registration process using the default Aeon Logon and User Registration pages. Aeon is configured by default to send a welcome letter to your newly registered users if they have registered via Standard Aeon or RemoteAuth authentication.
By default, all Aeon installations are setup with Standard authentication. Standard authentication does not verify user information against any external system upon registration or login. This type of authentication allows anyone with access to the registration pages to register him or herself, choose a username and password, and then use that username and password to login to the Aeon web. Users only need to register once and can update the information as often as necessary. Once a customer registers with Aeon he or she is allowed to login to the web interface until staff either blocks the user from submitting any further requests or disavows the user from the system. See Standard Aeon Authentication for more information.
Logging into Aeon
When a user needs to place a request in Aeon, they must first log in.
Users log into Aeon on the Aeon Logon page by entering their Username and Password and clicking the Logon to Aeon button.
New User Registration
New users must register with the system before placing requests. This includes choosing a username and password and completing a New User Registration Form. Clicking on the First Time Users link under the Aeon Logon accesses the First Time User Registration information page. This page provides you with important information about Aeon and a link to the New User Registration Form.
First Time User Registration Page
The default version of this page contains information about Aeon registration, the Aeon username and password, and copyright law as well as a section titled Aeon FAQ. To open the New User Registration Form, click the button at the bottom of the page, First Time Users Click Here.
Aeon Frequently Asked Questions Page
Clicking the FAQ link in this section takes you to the Aeon FAQ page. This page answers several important questions related to the use of Aeon. To return to the First Time User Registration page from the FAQ, click the back button on your browser.
New User Registration Form
Upon clicking the First Time Users link, the New User Registration for Aeon page opens. To register for Aeon, users enter their information into the form, select a Username and Password, and click the Submit Information button. Required information is designated by a red asterisk. After clicking Submit Information the new user is taken to the Main Menu web page and can begin submitting requests. If your site has configured Aeon to automatically send a new user registration email when a user registers via Aeon, it will be sent when the registration form is submitted.
The Aeon Main Menu
When a user logs into Aeon, they are taken to the Aeon Main Menu page. Once a new user has registered with the system and chosen an Aeon username and password, they are also taken directly to the Main Menu. From here, users can access the following menus:
- New Request: create new requests.
- Requests: view requests and access them to edit, merge or clone.
- Orders: view Activities to which the patron is linked.
- Activities: change user information.
- Preferences: change password.
New users are allowed to submit requests immediately after registering, but are marked as "not cleared" in the client. Staff can then review those users and disavow them if they are not allowed to use the system (which also cancels the users' requests) or clear them as valid users. Staff can clear customers at any point in the process.
If your institution has an LDAP server available with potential Aeon users in it, you can use that server to authenticate any patrons. This server does not necessarily need to contain all potential Aeon users, as those who do not exist can be added through the client by staff or register themselves if given a link to the registration page. Users cleared via LDAP are verified against the LDAP server at registration and each time they log on to Aeon.
LDAP passwords are not stored in the Aeon database and are only used when typed in by the user to match against the LDAP server during registration and login. The password field in the Aeon database stores the encrypted version of a blank value, but is not used for any authentication.
New User Registration
New users must register with the system before placing requests. Since they are verified against your LDAP server during registration, they do not need to be cleared. Users cleared via LDAP register for an Aeon account in the same manner as described in the New User Registration section above under Standard Authentication.
If you do not want your users to enter a username and/or password to use Aeon, but want to pass a known username to Aeon for registration and login, you can setup RemoteAuth authentication. While there are few Aeon customizations to enable this authentication, it does require technical knowledge of setting up your external authenticating system and having that server send information to the Aeon web server. See RemoteAuth Authentication for more information.
Logging into Aeon
When a user needs to place a request in Aeon, they must first log in. Login is handled by your external RemoteAuth server and your user will not see the standard Aeon logon page. Once they are authenticated via the remote server, they are sent to the Aeon Main Menu if they have registered before or to the New User Registration form if they have never registered.
New User Registration
See the New User Registration section above under Standard Authentication for the details of user registration. If your site has configured Aeon to automatically send a new user registration email when a RemoteAuth user registers via Aeon, it will be sent when the registration form is submitted.
If you are using Innovative Interfaces as your ILS/OPAC and have purchased their PatronAPI module, you can setup Aeon to authenticate users against that PatronAPI server for registration and login. PatronAPI Authentication can be setup to either auto-clear customers who match entries in the PatronAPI server or to restrict access for both registration and login to the system. See PatronAPI Authentication for more information.
New User Registration
New users must register with the system before placing requests. They will register as with Standard Authentication but will be cleared based on the PatronAPI setup. Users cleared via PatronAPI register for an Aeon account in the same manner as described in the New User Registration section above under Standard Authentication.
Some institutions would like to limit access to the Aeon web to a known list of users. This list can come from any external database and be imported into the UserValidation table in Aeon for the Aeon web to verify against before allowing users to register or login. All users must be in the UserValidation table. Users cannot self-register from the web, and staff cannot add users through the client.
For example, when John Smith first attempts to use Aeon, he would type in his library card number and his lastname into the username and password fields on the logon form.
- He would not need to click on a First Time Users link to register.
- Aeon first checks if the username 123456789 exists in the Users table. If not, it then checks if the username 123456789 exists in the UserValidation table.
- That username is found, so Aeon then checks if the encrypted value of "smith" matches the value in the Password field of UserValidation.
- It doesn't match (because the Password field is blank), so Aeon then checks if the value of "smith" matches the value in the PlainTextPassword field of UserValidation.
- That value matches so John Smith's username is added to the Users table with an encrypted version of "smith" stored in the Password field of the Users table.
- John Smith is then directed to the NewAuthRegistration.html page to fill out any other necessary information for his user account.
- If other fields were populated in the UserValidation table, those values would appear on the registration form.
- After registering, if John Smith returns to the Aeon web, he would again enter his username of 123456789 and his password of "smith" on the logon form.
- Aeon would verify that 123456789 exists in Users as well as verify that 123456789 still exists in UserValidation.
- It would no longer verify the Password or PlainTextPassword fields in UserValidation, but would verify the encrypted value of what John Smith typed in with the encrypted value stored in the Users table.
- As long as John Smith has not been disavowed by staff in the client, he is then allowed to login to the system.
See Aeon Exclusive Authentication for more information.