Limit Network Access |
Millennium allows libraries to limit access to the system based on the IP address of the user who is logging in. This can be used to restrict access to reference databases or other computer systems to on-campus library users only. This is often required under the terms of a database vendor's licensing agreement. You may also limit access to the Web OPAC, Millennium servers, and external servers that your library may have acquired. The library may associate each of its available reference databases with a specific service level, a number from 0 to 9 (see also Level of Service in Gateway Setup ). The library may also associate each of its partners (see INNOPAC Partners in Optional Features ) with a specific service level. If a login's service level is lower than that for a particular database or partner, INNOPAC will not offer the menu option for that database or partner. For information on how to assign a service level to a reference database or INNOPAC Partner, see Service level for "Y > Search another DB" in OPAC Options. When INNOPAC acknowledges a user's login, it checks the IP address of the user's machine (the machine from which the user is logging into the INNOPAC machine), against a list of IP addresses and corresponding service levels which is maintained by the library using the Limit NETWORK access function. INNOPAC assigns the user the service level that has been determined for his or her IP address. At a site with reference databases, the system compares the user's service level against the service levels that have been assigned to each individual database. INNOPAC only allows access to those databases whose service level is less than or equal to the user's service level. To set user service levels for the various originating IP addresses, select the Limit NETWORK Access option. Service Levels in Web Access Management offer an optional method of controlling database vendor access for specified computers within a room, building, branch or campus. You use the service level number in conjunction with a service level set in an HTTP entry in Limit Network Access. The service level acts as a privilege, allowing or denying access to databases. First you make entries for the IP addresses of computers in HTTP Administration Access. Next you will set corresponding Service Levels in the Web Access Management Forward Table.
Open a Telnet session for your Millennium System: The HTTP Access Administration screen displays.
Add entries for the IP addresses of computers you want to set up, or use existing IP addresses. To allow access to a database vendor for specific IP addresses and not require patron verification, set a service level number for the IP addresses in HTTP Access Administration that is higher than or equal to the service level for the vendor in the Service Level column in the Web Access Management Forward Table. To allow access but require patron verification, set a service level in HTTP Access Administration lower than the service level specified in the Web Access Management Forward Table. To not allow access to a database vendor for IP addresses, set a service level in HTTP Access Administration that is lower than the service level set in the Web Access Management Forward Table. For example:
IF Service level = 3 in the Web Access Management Table Service Level column
AND THEN Access is allowed for patrons connecting from the specified IP addresses and patron verification is not required. REMINDER : Restart the Web and Proxy servers after changing the Web Access Management table. For more information on how Service Levels work, please read the FAQ on CSDirect. |