OPAC proxying
In the simplest EZproxy configuration, your OPAC is configured as a database, then you have people access it using a starting point URL. However, this setup requires that remote users authenticate to EZproxy before they can search the OPAC. This setup either requires that all remote users of the OPAC have access, or that an EZproxy and a non-EZproxy link be provided.
Many libraries would prefer to have a single URL that would allow local users to access the OPAC and electronic resources without authentication, remote visitors to search the OPAC, and remote affiliated users to search the OPAC and authenticate to access databases. The following configuration demonstrates how to combine the EZproxy AutoLoginIP and Groups to create a single URL that meets all of these needs.
Strategy
AutoLoginIP provides a way to have EZproxy provide automatic access without requiring authentication. The main use of this mechanism is to provide branch libraries with access to licensed resources that do not recognize the IP addresses of the branch location. In this example, AutoLoginIP is used to allow remote users to access the OPAC through EZproxy without the users being required to authenticate.
Groups can be used to allow different groups of users to have access to different groups of databases. In this example, Groups are used to force remote users to authenticate when they try to access licensed databases.
Once this configuration is in place, you should have your users use a URL similar to:
http://ezproxy.yourlib.org:2048/login?url=http://opac.yourlib.org/
to access your OPAC. Such a URL will allow the AutoLoginIP logic to automatically log users in to access the OPAC, and will also insure that EZproxy will prompt them when they try to access any other resources that EZproxy is configured to manage.
config.txt
These sample lines from config.txt demonstrate how to place your OPAC in an OPAC group, and place all other databases in the Default group.
This configuration requires EZproxy 2.2c (2003-08-14) or later.
# Group statements that appear before AutoLoginIP statements determine # which group(s) EZproxy will assign to users who are automatically logged in.
Group OPAC # This AutoLoginIP statement tells EZproxy that all IP addresses should # be automatically logged in for the OPAC database definition AutoLoginIP 0.0.0.0-255.255.255.255 # This ExcludeIP statement overrides automatic login for local # users who do not need to be proxied ExcludeIP 192.168.0.0-192.168.255.255 # The Group statement also places the OPAC database entry into the # OPAC group since no other Group statement has appeared.
Title Your OPAC URL http://opac.yourlib.org/ # Don't use "Domain yourlib.org" since we do not really want to # proxy every one of your local servers. This HJ statement will tell # EZproxy to perform JavaScript processing on just the OPAC system, # but not proxy any other hosts. HJ opac.yourlib.org # This Group statement declares that all remaining databases will # be placed in the Default group, which separates them from the OPAC group.
Group Default # This IncludeIP statement reverses the previous AutoLoginIP statement # and tells EZproxy that everyone should be required to authenticate. IncludeIP 0.0.0.0-255.255.255.255 # But one again, we need a ExcludeIP statement so local users won't be required # to authenticate to gain access ExcludeIP 192.168.0.0-192.168.255.255 # The rest of your database definitions appear from here on
Title Some Database URL http://www.somedb.com/ D somedb.com
user.txt
If you are not using Groups with EZproxy, then simply make this the first line of your user.txt file:
::group=Default+OPAC
If you are using Groups with EZproxy, then you must insure that all users are assigned into the OPAC group in addition to any other groups.