RemoteAuth: Who Should Use the ILLiad SAML Module?

Print Friendly and PDF Follow

Are you thinking about implementing the SAML module released in ILLiad 9.2 and wondering who should use it and what the benefits are? In this article, we’ll answer this question and many others to help you determine if the SAML module is right for you.

Who do we recommend using the SAML module? | Do you recommend self-hosted sites use this module? | If I’m using another SAML-based system (e.g., the IIS SAML application), should I switch to the ILLiad SAML module?What are the benefits of RemoteAuth?What are the benefits of the SAML Module?If I’m using dual-authentication, can I still use the new module?What are some recommended IDPs?What is SAML? | What is the ILLiad SAML module?

Who do we recommend using the SAML module?

  • OCLC hosted sites as a native alternative to 3rd party authentication methods (e.g., EZproxy, CAS).
  • A solution for those who are unable to install their Service Provider module on the ILLiad Server.

Do you recommend self-hosted sites use this module?

While this module is installed as a part of the 9.2 updates, it’s specific to ILLiad whereas using an alternative such as Shibboleth will allow the same functionality and will work with many other service providers (SP) your institution may use. Not just ILLiad.

If I’m using another SAML-based system (e.g., the IIS SAML application), should I switch to the ILLiad SAML module?

If you have already configured Shibboleth or another SAML-based system to work with ILLiad you should continue using your existing solution upon updating to ILLiad.

What are the benefits of RemoteAuth?

  • Users don’t need to remember a new username/password.
  • External system can use 2FA without ILLiad needing to know about it.
  • User info can be automatically sent to ILLiad via the user creation feature.

What are the benefits of the SAML Module?

  • Built-in option for ILLiad patrons to authenticate with SAML providers (e.g., OpenAthens).
  • Allow sites to pull in extra information through the Authentication Enhancements & User Creation released in v9.1. The Automatic User Creation feature can be leveraged through the use of the RemoteAuthValidation table feature to populate the user record with patron information from external systems. If the user record exists in ILLiad, the RemoteAuthValidation table will update the user record.

If I’m using dual-authentication, can I still use the new module?

  • Yes, you can, there will be some additional configuration steps though.

What are some recommended IDPs?

  • OpenAthens.
  • Shibboleth.

What is SAML?

SAML stands for Security Assertion Markup Language. SAML is a protocol used for communications between Service Providers (e.g., ILLiad) and Identity Providers (e.g., a campus single sign-on system).

What is the ILLiad SAML module?

The Atlas SAML module will be downloaded as a new component to C:\ILLiad\SAML when updating to or installing the ILLiad 9.2 Server. This module contains integrated support for Remote Authentication via Security Assertion Markup Language (SAML) meaning that additional software will no longer need to be installed on the ILLiad Server to communicate with authentication systems. Essentially it acts as a module that communicates via SAML messages to the authentication software or identity provider living on another server.

 

Questions?

If this article didn’t resolve your issue, please contact Atlas Support for assistance:

Contact Support