Re: multiple user

Author Subject: Re: multiple user
Librarian Support Posted At 08:44:27 05/19/2003
The username and password that you choose when creating an account on LibrarySvr does not have to bear any connection to a given users system login name and password. The association is made between the username and password in a certificate and the system login name at the time of importing the certificate into LibraryCard/Publisher.

Each user of the library needs a certificate that is unique to them. A certificate can only be imported once. By implication, the certificate becomes unique to the user on the workstation on which it was imported. The reason for all of this is that LibrarySvr checks the users encryption key each time they visit the library. If their key is invalid then LibrarySvr locks them out. If the key is valid LibrarySvr generates a new unique encryption key for the user. The new key is received by LibraryCard/Publisher and stored locally on the workstation with the rest of the users certificate details. This security mechanism means that a single user cannot use the same certificate from multiple workstations because their keys would immediately be out of sync. When you combine this with the fact that LibrarySvr only allows one active certificate per user account you find that a user must have a separate user account on LibrarySvr for each workstation from which (s)he will access the library.

Hope this helps.

Post Reply: