Set EZproxy using two authentication options with SAML as the default
Symptom
- Set up SAML as the default authentication but have a second authentication called by a variable
Applies to
- EZproxy
Resolution
Normally when setting multiple authentications where one is SAML it is set so the SAML requires a variable to be called to trigger EZproxy to use it as as described here. You can do the opposite, where SAML is used for a normal starting point URL, but you can have a special URL calling a secondary authentication type for certain users that would not be able to authenticate using SAML.
In the user.txt you would set it like this, this example shows text file authentication being used for the second authentication type.
::Shibboleth
Group NULL
If !(login:auth eq "text"); IDP20 https://saml.entityid.com
/Shibboleth
::auth=text
::file=/patron.file
With this if you go to https://login.ezproxy.com/login you would get sent to the SAML login page (since it does not have auth=text).
If you go to https://login.ezproxy.com/login?auth=text you would instead get the EZproxy login page and can enter the credentials for the second authentication method.