Online Library Remote Access Through Proxy Server
-
Upload
gloria-sweet -
Category
Documents
-
view
25 -
download
2
description
Transcript of Online Library Remote Access Through Proxy Server
Online Library Remote Access Through Proxy ServerStudent: Paruyr HovakimyanSupervisor: Albert MinasyanReferee: Aram Hajian
Abstract• The purpose of “Online Library Remote
Access through Proxy Server” project is to build the web application which will allow to login into the application with given username and password and access online repositories with IP restrictions.
• This project was initiated by American University of Armenia in order to let the students and faculty members to use library materials from abroad of campus.
Table of Content•Introduction•Problem description and research
▫Detailed description of the problem▫Research
•Implementation▫Components▫Security
•Conclusion•Suggestions for Future Work•References
IntroductionAUA E-References
ACMAGORAEBSCO
2
IP Control
AUA Proxy ServerACM
EBSCOAGORA
User in AUA
User abroad AUA
Allowed
Rejected
Authentication
Problem description and research
•Detailed description of the problem▫Requirements
•Research▫Solutions
Detailed description of the problemConsider following situations• Scenario 1
▫medical-school professor takes up a practice in a university-affiliated clinic needs to access BioMed web site
• Scenario 2▫During vacation professor wants to do research
and needs to access Oxford English Dictionary• Scenario 3
▫Number of students wants to access library online materials from home
AUA prescribed the problem (Requirements)AUA stated following requirements
▫To have the system which will give the access to bought virtual libraries from anywhere to all students and faculty
▫The system will work on existing Sun Fireware hardware with Solaris 10 operating system installed on it
▫There should not be any client-side installation or setup to work with the system
▫The system should be less expensive and use well known technologies to simplify further development and management
Research
•Possible solutions to the problem ▫VPN Access▫Proxy Servers▫Pass-Through Proxy Servers
VPN Access
Proxy Servers
Pass-Through Proxy Servers
Why Pass-Through Proxy Strategy
•No client side configuration•Easy to manage•Needs less human resources to maintain•Easy to integrate new services•Easy to use
Pass-Through Proxy Strategy Implementations
Most known pass-through proxy strategy implementations▫EZProxy▫LibProxy
EZProxy
•Commercial product•Proxy Server with URL rewriting tool•With own user and host database•With own authentication mechanism•Possibility to integrate with Java•Possible to setup in known operating
systems(Windows, Unix, Solaris, etc.)
LibProxy
•Free open source product•Possible to integrate with MySQL database
and LDAP server•Configurable to work on port base and host
base strategy (http://avsl.aua.am:2050, http://2050.avsl.aua.am )
•Possible to setup on limited operating servers (Unix, Solaris)
•Needs Apache server with perl module
Decision (EZProxy) Comparing two products EZProxy was chosen
because:▫Unlike EZProxy which is simple to install, LibProxy
require a lot of preinstalled packages to be in OS▫EZProxy has very good installation and usage
guides▫Since EZProxy is commercial product it has good
maintenance and support▫There are number of publications that advice
EZProxy to use as one of the stabile pass-through proxy server
▫EZProxy works as stand alone application
Implementation
Components•Application
▫E-science-library (which during setup in AUA was named Armenian Virtual Science Library(AVSL))
•DataBase▫MySQL
•Authentication▫Open LDAP Server
•Web/EJB container▫Sun Java System Application Server
AVSL Web Pages Navigation Work Flow
Request flow chart
Forwarding mechanism • EZCGIServlet
String forwardUrl = ezproxyUrl + "/login?user=“ + URLEncoder.encode(user, "UTF-8“) + "&ticket=“+URLEncoder.encode(getKeyedDigest(ezproxyKey + user + timestamp)+ timestamp, "UTF-8") + "&qurl=" + URLEncoder.encode(url, "UTF-8");
Security
•Only users with valid session access the EZCGIServlet▫ http://avsl.aua.am/AVSL
/ezcgi?user=username&url=http://www.bl.uk
•Double checking▫ECGI Servlet sends a ticket to EZProxy
with MD5.▫EZProxy receives the ticket (the user name,
time stamp) it recalculates the message digest and compare it with the ticket.
▫Request is valid only if the two are identical
Successful opened ACM portal
Conclusion•Possibility to purchase the expensive licenses
and provide them freely to the students, faculty
•AVSL uses Directory Server for authenticating users ▫Which make administration easier
•The System uses strong security mechanism to check and give appropriate role to logged in user
•AVSL System uses EZProxy server for accessing the publishers’ resources
•No need for clients to do any configuration
Suggestions for Future Work
•Full integration with EZProxy•The ability to synchronize needed virtual
hosts between System and EZProxy hosts list
•The ability to synchronize users between LDAP System and EZProxy users list
•Add different services, such as enhanced searching capabilities, digital library control systems, etc. into AVSL platform.
References• [1] Jalal B Raouf, “Design of Iraqi Virtual Science Library”, 2007.• URL: http://e-science-library.dev.java.net• [2] Albama SuperComputer Authority, “Alabama Virtual Library• (AVL)”, 2000. URL: http://www.avl.lib.al.us/about/index.html • [3] URL: http://www.who.int/hinari/about/en/ • [4] URL: http://www.aginternetwork.org/en/about.php • [5] URL: http://portal.acm.org • [6] URL: https://www.ivsl.org• [7] By Jayson Falkner (et. al.), “Servlets and JavaServer Pages™:
The J2EE™ Technology Web Tier”, Addison Wesley, United State of America, September 19, 2003.• [8] By Bruce W. Perry, “Java Servlet & JSP Cookbook”, O'Reilly Media Inc., United States of America, January 2004.
[10] NetBeans(IDE) help contents.
Thank YOU!