E-publishing system
ICT infrastructureCommon portal platform Authentication / authorization framework

Authentication / authorization framework

The access to portal instances is not restricted anyhow. All pages and contributions are accessible for anyone. Thus, everyone interested can get an overview of digital educational contents available in the given medical school or even in the whole MEFANET network. The educational contents itself is included in attached files or hypertext links. Each attachment and/or link contains information on a group of users who have access to these materials.

The authors of the teaching materials (i.e. published attachments) can choose from the following user groups, in order to permit or deny access to their materials:

  1. nonregistered anonymous users,
  2. registered anonymous users, who accepts the terms of use within his/her registration,
  3. user of MEFANET network, i.e. student or teacher from any Czech or Slovak medical school,
  4. user of local university, whose affiliation to that university has been verified at the portal via the local information system of that university,
  5. user to whom attachments are made available only on the author's explicit consent.

Services of the Czech academic identity federation EDUID.CZ [Czech academic identity federation eduID.cz. Available: http://www.eduid.cz/wiki/en/eduid/index] are used, in order to check affiliations of the users of the portal instances. This federation uses Shibboleth technology which is one of many authentication frameworks allowing sharing web resources among institutions using the SAML (Security Assertion Markup Language) protocol standard. The portal instances behave like service providers in this federation, whereas the information systems of the involved schools behave like identity providers.