FOLIO Project Update – Week of June 29, 2020
Project Updates / 29 Jun 2020
Preliminary entity management, SAML SSO authentication features, and an upcoming community update on building reports in this week's project report.
The Entity Management Working Group shared some preliminary ideas and work with the Metadata Management SIG. Specific JIRA features related to entity management can be found linked to this epic: https://issues.folio.org/browse/UXPROD-787.
The Reporting SIG continues to prepare for its presentation “Reporting Community Update on Building Reports” for the next FOLIO Forum on July 15 from 11am to 12:30pm ET.
The Sys Ops & Mgt SIG discussed SAML SSO authentication features. Since all implementing libraries that rely on SAML-based SSO (e.g. Shibboleth) are members of federations such as InCommon and/or OpenAthens, the software needs to be aware of this (“federation-aware”). SAML metadata need to be available through public APIs, to be searchable by Identity Providers. Currently, anyone with valid campus credentials can log in. SAML authentication should test for explicit authorization before allowing someone access to the system at all. SAML attributes should be linked to FOLIO roles and permissions. Currently SAML integration in FOLIO is governed by mod-login-saml. SysOps SIG thinks that if we don’t know how SAML SSO actually works, it is not feasible to maintain our own module. Instead, they favor employing external add-on modules for SAML authentication in the deployment environment.