Not all online subscription content has a compatible login yet, so as a stopgap whilst the publishers update their technology we provide a managed proxy service which your account manager will be happy to discuss with you.
How do I tell you about a resource that doesn't have a proper login?
If you have done everything on the How to set up access to your subscribed content page, then your Account manager is the person to speak to.
Why does resource X or Y no longer have a proxy option?
Sometimes it could be for security or compatibility reasons but usually it is because it has implemented a superior SAML option. This is good news for both you and your users and means there is no longer any need for it to be proxied.
How does it work... and why doesn't my IT guy want to run one?
Ok, here's the thing about proxy servers. There are two types - forward and reverse. A forward proxy sits between your network and the outside world and makes sure the web pages you're looking at (i.e. connections you initiate) come back to your computer and not to Janice in Accounts - if that sounds like what a firewall does, you're right because firewalls include a forward proxy. A reverse proxy is the reverse of that and is used when the outside world is initiating the connection to something inside your network (e.g. servers). Both are relatively simple.
When you are providing remote access to websites though, you have to use both types at the same time... and also have something sort of sitting between them to rewrite all the traffic and it's this middle bit that your IT guys would prefer not to have to handle.
What we do is take authenticated users to the proxied content, handling all the various rewrites that are necessary to get the content to the user and let them navigate the proxied site. The site authorises the user because they are coming from an IP address that the site associates with you.
I'm a publisher and...
If one of our mutual customers needs to proxy your content to enable off-site access for their end users, they will include an IP address in their ranges that is used by our managed proxy service and if you've found your way here it is probably because you checked who owned that IP.
You can be assured that the IP address they supplied will be unique to them within our managed proxy service so long as they are our customer.
That said, your best route forward is to implement a login that is compatible with the many SAML federations around the world. This is the preferred solution of most medium and large organisations that purchase institutional licences and for a sample of the kind of organisations these are, see: https://login.openathens.net/org-list.
Publishers do not have to use OpenAthens software to join our (or any) federation, but we do have some rather good options though - see: OpenAthens for Providers. Many publishers who have implemented this kind of login have been able to disallow proxy access.
- OpenAthens trademark entry at the intellectual Property Office - https://trademarks.ipo.gov.uk/ipo-tmcase/page/Results/4/EU013713821
- Merger of Eduserv and Jisc - https://openathens.org/jisc-merger-faqs/
- Jisc company number: 5747339
- Jisc charity number: 1149740