DCS supports a number of different methods for authenticating whether an end user has permission to access course material.
On-Campus access for students
For students accessing content from “on campus”, this can be done using IP Authentication. The HEI’s IP range is configured in the DCS and for any requests for that HEI’s content that comes from within their IP range, access to the content will be allowed. See this article about setting up an IP authentication for the DCS.
Off-Campus access for students
For students accessing content from outside the IP range (off-campus), the DCS is able to authenticate access using an access management service - Shibboleth or OpenAthens - or the paid for web proxy service - EZproxy. We also offer a manual authentication process with student emails. Details for these integrations can be found here.
We are aware that some HEIs are unable to use any of these services for off-campus authentication, and may not wish to use a manual authentication that require students to have a new login.
Off-Campus access alternative to federated authentication: Web Proxy
A possible alternative would be for the HEI to setup a Web Proxy themselves. This setup would need to ensure that that DCS links would go via the Web Proxy, which would refer them to the DCS from an IP address known to the DCS. The request would then be authenticated by the DCS as if it had come from a user who was on campus. As long as the HEI has first validated the user (using a unique login and password managed by the HEI). CLA are happy for authentication to occur in this way.
There are many ways this solution can be achieved and it would be down to the HEI to implement the solution that best suited them.
Example of Web Proxy use
Below is an example of how one of our customers is using a Web Proxy to access DCS content and how they are ensuring the user is known to them first.
- The HEI is prefixing the DCS generated content links, so that they go via their Proxy Server instead of straight to the DCS.
- For example, a DCS Link (https://contentstore.cla.co.uk/secure/link?id=17b98306-1e53-e511-80bd-00110aczzz99cd) would be prefixed with “yourserver.ac.uk” (https://yourserver.ac.uk/secure/link?id=17b98306-1e53-e511-80bd-00110aczzz99cd)
- The HEI is only making these links available to students via their Virtual Learning Environment (VLE) so students would have needed to login before accessing the links. Their Proxy Server has been configured to:
- Ensure that the referring site is their VLE (ensuring that only authenticated Users will be forwarded to the DCS)
- Pass the original URL to the DCS from an IP address within the range configured in DCS.
The set up of this sort of process is quite complex and will require the involvement of your IT team. We at CLA are unable to recommend a particular service to use for this sort of authentication. For any further questions please email firstname.lastname@example.org.
Please sign in to leave a comment.