Authentication

You are here: Home → Services → Identity Management → Authentication → Authentication via DFN-AAI

Authentication via DFN-AAI

Secure access to online services through the Shibboleth Identity Provider (IdP)

The University of Bonn takes part in the authentication and authorization infrastructure of the DFN (DFN-AAI)

Concept

A number of online portals require authentication of the users. They ensure that the users:

are members of the University of Bonn
belong to the authorized user groups
have a specific authorization for the services
can use the Uni-ID and the corresponding password for access

In order to fulfill these requirements, the University of Bonn takes part in the authentication and authorization infrastructure of the DFN (DFN-AAI) that simplifies the access of authorized users within the “Wissensschaftsnetz” (science network) and increases data protection when using the resources of DFN-AAI contract partners.

The Uni-ID and the password will be tested against the established authentication and authorization systems in the HRZ and will not leave the University of Bonn. The attributes that are needed by the service providers will only be transferred after the user has given his or her confirmation. The confirmation is needed once per service provider.

All users at the University of Bonn are assigned to the roles students, staff and guests. Depending on the conditions of the service provider, only certain user groups will be granted access.

Access to external services

The users of the University of Bonn often need ICT resources offered by third-party providers for teaching, study and research, such as electronic services offered by publishing companies for online research, internet portals for downloading resources or ordering hardware under special university-specific conditions. Many of these providers have contracts with the University of Bonn that specify the terms of use and operate under the condition that only a limited group of authorized users are granted access at the university. The procedure up to now has been that the service providers themselves conducted the authentication and authorization of the end users. For this purpose, they either conducted an IP address verification or implemented a verification of the access data of the end users within their online services.

The address verification entails disadvantages on both sides. The service provider has no possibility to assign different license conditions to different user groups; the access for the end users is problematic when they are located outside of the home institution.
The verification of access data requires that the provider receives, processes and saves this data. When the provider creates their own access data, this leads to a large quantity of access data that is difficult to manage and control. In these cases, the users themselves register with the providers and enter their personal data in an online form. When, on the other hand, the provider inserts the access data from the home institution and forwards the received data to them for verification, the provider has access to sensitive data.

You can find the first online services that you can use via the Shibboleth IdP here:

Service	Availability	Roles
Aachen GigaMove	everywhere	- everyone
Wiley Online Library	everywhere	- Student - Staff member
Web Conferences with Adobe Connect (DFNVC)	everywhere	- Staff member
Web Of Knowledge	outside of BONNET with Shibboleth inside of BONNET without login	- Student - Staff member
Vifarom - Virtuelle Fachbibliothek Romanischer Kulturkreis	everywhere	- Student - Staff member
SpringerLink	outside of BONNET with Shibboleth inside of BONNET without login	- Student - Staff member
ScienceDirect	everywhere	- Student - Staff member
JSTOR	outside of BONNET with Shibboleth inside of BONNET without login	- Student - Staff member
De Gruyter Online	outside of BONNET with Shibboleth inside of BONNET without login	- Student - Staff member
ProQuest und Chadwyck-Healey (a selection, see List of Individual Databases/Journals)	outside of BONNET with Shibboleth inside of BONNET without login	- Student - Staff member
TextGrid Virtual research environment for the humanities	everywhere	- everyone
List of Individual Databases/Journals

Access to internal services

If you operate a central online portal and want to perform the authentication against the Uni-ID, please contact us. We evaluate the possibilities to connect your portal to the Shibboleth IdP.

Queries concerning Shibboleth

for technical issues contact the HRZ under [Email protection active, please enable JavaScript.]
for questions regarding specific service providers and licenses contact the ULB under [Email protection active, please enable JavaScript.]

Document Actions

Hochschulrechenzentrum Universität Bonn

Wegelerstr. 6
53115 Bonn (getting there)

Internet: https://www.hrz.uni-bonn.de/en

Contact

IT-Helpdesk
+49 (0)228 73 2751

[Email protection active, please enable JavaScript.]
Formular: Support-Inquiry

Contact

Opening Times

Opening times of the HRZ and the
computer workplaces (ÖCAPs):

Monday to Friday: 7:30 - 21:30

Special Opening Hours

Impressum

Impressum

Data Privacy (in german)