Online Library Remote Access Through Proxy ServerStudent: Paruyr HovakimyanSupervisor: Albert MinasyanReferee: Aram Hajian

Abstract• The purpose of “Online Library Remote

Access through Proxy Server” project is to build the web application which will allow to login into the application with given username and password and access online repositories with IP restrictions.

• This project was initiated by American University of Armenia in order to let the students and faculty members to use library materials from abroad of campus.

Table of Content•Introduction•Problem description and research

▫Detailed description of the problem▫Research

•Implementation▫Components▫Security

•Conclusion•Suggestions for Future Work•References

IntroductionAUA E-References

ACMAGORAEBSCO

2

IP Control

AUA Proxy ServerACM

EBSCOAGORA

User in AUA

User abroad AUA

Allowed

Rejected

Authentication

Problem description and research

•Detailed description of the problem▫Requirements

•Research▫Solutions

Detailed description of the problemConsider following situations• Scenario 1

▫medical-school professor takes up a practice in a university-affiliated clinic needs to access BioMed web site

• Scenario 2▫During vacation professor wants to do research

and needs to access Oxford English Dictionary• Scenario 3

▫Number of students wants to access library online materials from home

AUA prescribed the problem (Requirements)AUA stated following requirements

▫To have the system which will give the access to bought virtual libraries from anywhere to all students and faculty

▫The system will work on existing Sun Fireware hardware with Solaris 10 operating system installed on it

▫There should not be any client-side installation or setup to work with the system

▫The system should be less expensive and use well known technologies to simplify further development and management

Research

•Possible solutions to the problem ▫VPN Access▫Proxy Servers▫Pass-Through Proxy Servers

VPN Access

Proxy Servers

Pass-Through Proxy Servers

Why Pass-Through Proxy Strategy

•No client side configuration•Easy to manage•Needs less human resources to maintain•Easy to integrate new services•Easy to use

Pass-Through Proxy Strategy Implementations

Most known pass-through proxy strategy implementations▫EZProxy▫LibProxy

EZProxy

•Commercial product•Proxy Server with URL rewriting tool•With own user and host database•With own authentication mechanism•Possibility to integrate with Java•Possible to setup in known operating

systems(Windows, Unix, Solaris, etc.)

LibProxy

•Free open source product•Possible to integrate with MySQL database

and LDAP server•Configurable to work on port base and host

base strategy (http://avsl.aua.am:2050, http://2050.avsl.aua.am )

•Possible to setup on limited operating servers (Unix, Solaris)

•Needs Apache server with perl module

Decision (EZProxy) Comparing two products EZProxy was chosen

because:▫Unlike EZProxy which is simple to install, LibProxy

require a lot of preinstalled packages to be in OS▫EZProxy has very good installation and usage

guides▫Since EZProxy is commercial product it has good

maintenance and support▫There are number of publications that advice

EZProxy to use as one of the stabile pass-through proxy server

▫EZProxy works as stand alone application

Implementation

Components•Application

▫E-science-library (which during setup in AUA was named Armenian Virtual Science Library(AVSL))

•DataBase▫MySQL

•Authentication▫Open LDAP Server

•Web/EJB container▫Sun Java System Application Server

AVSL Web Pages Navigation Work Flow

Request flow chart

Forwarding mechanism • EZCGIServlet

String forwardUrl = ezproxyUrl + "/login?user=“ + URLEncoder.encode(user, "UTF-8“) + "&ticket=“+URLEncoder.encode(getKeyedDigest(ezproxyKey + user + timestamp)+ timestamp, "UTF-8") + "&qurl=" + URLEncoder.encode(url, "UTF-8");

Security

•Only users with valid session access the EZCGIServlet▫ http://avsl.aua.am/AVSL

/ezcgi?user=username&url=http://www.bl.uk

•Double checking▫ECGI Servlet sends a ticket to EZProxy

with MD5.▫EZProxy receives the ticket (the user name,

time stamp) it recalculates the message digest and compare it with the ticket.

▫Request is valid only if the two are identical

Successful opened ACM portal

Conclusion•Possibility to purchase the expensive licenses

and provide them freely to the students, faculty

•AVSL uses Directory Server for authenticating users ▫Which make administration easier

•The System uses strong security mechanism to check and give appropriate role to logged in user

•AVSL System uses EZProxy server for accessing the publishers’ resources

•No need for clients to do any configuration

Suggestions for Future Work

•Full integration with EZProxy•The ability to synchronize needed virtual

hosts between System and EZProxy hosts list

•The ability to synchronize users between LDAP System and EZProxy users list

•Add different services, such as enhanced searching capabilities, digital library control systems, etc. into AVSL platform.

References• [1] Jalal B Raouf, “Design of Iraqi Virtual Science Library”, 2007.• URL: http://e-science-library.dev.java.net• [2] Albama SuperComputer Authority, “Alabama Virtual Library• (AVL)”, 2000. URL: http://www.avl.lib.al.us/about/index.html • [3] URL: http://www.who.int/hinari/about/en/ • [4] URL: http://www.aginternetwork.org/en/about.php • [5] URL: http://portal.acm.org • [6] URL: https://www.ivsl.org• [7] By Jayson Falkner (et. al.), “Servlets and JavaServer Pages™:

The J2EE™ Technology Web Tier”, Addison Wesley, United State of America, September 19, 2003.• [8] By Bruce W. Perry, “Java Servlet & JSP Cookbook”, O'Reilly Media Inc., United States of America, January 2004. 

[10] NetBeans(IDE) help contents.

Thank YOU!