- Signing in to EZproxy through an integrated SAML service does not allow user access to the EZproxy Administration page
Individual user accounts needing Administrator access can be added to the
Admingroup by updating the
shibuser.txtfile in EZproxy. Depending on the desired value for the user name, different attributes could be supplied. An example might be:
If auth:NameID ne ""; Set login:loguser = auth:NameID
Set login:user = auth:NameID
In this example, the value for the attribute
NameID is supplied by the authentication service, and the attribute is passing the full email address. Only this
user will be identified as belonging to the Admin group via this method.
If unsure about the attributes being passed by your authentication, the action
msgauth can be added as a single line at the beginning of the
shibuser.txt file. This will record the data being communicated from your SAML service to the messages file, which can be used to identify the attributes being passed. Contact your authentication administrator to confirm the attribute names. Remove the
msgauthaction after identifying the necessary attribute, otherwise SAML data will continue to populate the messages file and can lead to performance issues.
If you are hosted by OCLC, contact OCLC Support for assistance setting up an Admin user.