[Hidden-tech] Proxy server to access protected website
Chris Hoogendyk
hoogendyk at bio.umass.edu
Wed Nov 18 15:35:40 EST 2009
I had failed to note in the original post that they were talking about
EZProxy. That's a standard program used by libraries and universities to
access electronic resources from publishers and aggregators who
typically permit access from any IP address within your library or
university subnet. Your students and faculty who are offsite can connect
through EZProxy by supplying their university login to EZProxy, which
then passes their connection through to the electronic resource.
I maintained such a server several years ago. The support from the
developer was awesome. I see now that OCLC has acquired the software.
Generally, that would be considered a positive note from a library's
perspective. I would presume that OCLC still provides excellent support.
They ought to be able to talk to both the vendor and their customer and
say whether it should work and how to do it. The original developer
would often dive in and make it work, even if it required adding or
modifying code.
So, for George, that's the route I would go. Contact OCLC. Tell them you
share a customer and ask if they can help you help your mutual customer.
http://www.oclc.org/ezproxy/support/default.htm
---------------
Chris Hoogendyk
-
O__ ---- Systems Administrator
c/ /'_ --- Biology & Geology Departments
(*) \(*) -- 140 Morrill Science Center
~~~~~~~~~~ - University of Massachusetts, Amherst
<hoogendyk at bio.umass.edu>
---------------
Erdös 4
Gyepi SAM wrote:
> Hi George,
>
> I think 'EZproxy software' refers to this: http://www.oclc.org/ezproxy/default.htm
>
> The listed configuration should be:
>
> U -form=post videatives http://streaming.videatives.com/session
> FormVariable authenticity_token=
> FormVariable login=USERNAME
> FormVariable password=PASSWORD
> FormVariable remember_me=
> FormVariable commit=Log in
>
>
> It looks like streaming.videatives.com is using Ruby on Rails so the POST
> url should be http://streaming.videatives.com/session, without the '/new' suffix.
> Unfortunately, this may still not work because your site is also using the
> 'Request Forgery Protection' (denoted by the authenticity_token parameter)
> and that requires the proxy server to first connect to the '/session/new' page (where it's
> assigned the token) before it POSTS to '/session'.
> I don't think EZproxy supports multistep authentication of that sort but it's worth trying.
>
> Looking at the documentation, it appears that most of the resources accessible
> through EZproxy use IP whitelists, which makes sense if users are proxied
> through a single (or a small set of) IP addresses. Some also appear to use
> single key authentication (probably in combination with whitelisting).
>
> Regards
>
> -Gyepi
>
>
> On Tue, Nov 17, 2009 at 10:26:29AM -0500, George Forman wrote:
>
>> Dear Hidden Tech,
>>
>> Would anyone have a reference for where we might find a answer to this
>> person's question about using a proxy server to create a one click
>> login to our username and password protected video library at
>> [1]www.videatives.com. A reference to an article or FQA would do fine.
>>
>>
>> BTY, the abbreviation VSS below stands for "video streaming service,"
>> our video library of over 160 clips that deal with child development
>> and early childhood education.
>>
>> Thanks,
>>
>> George Forman
>>
>> Amherst, Massachussets
More information about the Hidden-discuss
mailing list