Muse® Proxy Application
As a Web Access Management (WAM) software, Muse® Proxy can provide access to a variety of Data Sources through its Muse Proxy Application.
Most of the libraries subscribe to a number of electronic resources, which should be available only to their patrons and staff. They have to use WAM software, such as Muse® Proxy, in order to control access to these resources and comply with their contractual agreements.
Sources with Providers Logos and Multiple Views
Application sources are listed together with their names, descriptions, provider logo and links to the native sites. Alphabetical listing, sorting, filtering, subject grouping, list/group style display give the user all the tools to find sources that are of most interest.
Muse Knowledge Proxy Administration
The Muse® Proxy Administration Console enables the administrators to configure any functionality of Muse® Proxy, from global configurations to individual Muse Proxy Applications and their resources. Various tools are available to help with the administration chores.
Client connections, sessions, tiny URLs and log files can be managed here:
- A client connection is considered an HTTP transaction between a client (commonly a browser) and Muse Proxy.
- A client session is a session established once for each client which tries to access Muse Proxy.
- A Tiny URL is a small URL, used to store information of the URL(s) that are longer than 2047 characters and/or URL(s) that use the HTTP POST method.
- Log files management.
Muse® Proxy counts all the available statistics, for all the server IP(s) on which it listens, without any restrictions. So, through customizations done in this section, you may eventually disable some of the automatically counted statistics per each server IP. You can view all the Statistics Mappings used by Muse® Proxy in order to customize the statistics counting. These Statistics Mappings include the following details:
- Index - The position of the mapping in the list of Statistics Mappings. This position is very important because the Statistics Mappings are matched in a top-down manner, meaning that only the first matched Statistics Mapping will be considered when customizing the statistics counting;
- Server IP(s) Patterns - If a certain server IP matches at least one of these server IP(s) patterns, then the properties of the current Statistics Mapping will be used when counting the statistics for that server IP;
- Traffic Mappings - Defines the Traffic Mappings to be considered when customizing the traffic statistics counting;
- Enabled/Disabled Attributes - Defines the list of enabled/disabled non-traffic attributes. A disabled attribute is an attribute that will not be counted while an enabled attribute is an attribute that will be counted for the server IP(s) matched by the current Statistics Mapping.
Configuration - Server IP(s)
Muse® Proxy can run in a Multiple IP(s) Configuration Environment; IP(s) on which Muse® Proxy should listen can be specified. By default, if you do not specify any pattern, Muse® Proxy listens on all IP(s) addresses installed on the machine where it runs, on all interfaces.
Configuration - SAML
Muse® Proxy supports SAML 2.0 Authentication as a Service Provider. Being based on Spring Security SAML Extension, theoretically all products supporting SAML 2.0 in Identity Provider mode (e.g. ADFS, Okta, Shibboleth, OpenAM, Efecte EIM or Ping Federate) should be compatible.
SAML requires by its nature complex configurations and interconnections with more parties such as IDP, Discovery services, Identity Management Federation. Through this page Muse® Proxy facilitates parts of this configuration by offering help on the generation and listing of metadata and offering instructions on where to configure certain elements.
Configuration - SSO
Muse® Proxy supports Single Sign on Authentication as a Client. This page deals with SSO Authentication other than SAML. A wide range of OAuth, OAuth2, OpenID Connect and CAS based SSO authentication are supported.
Muse® Proxy is a multi-tenant software, grouping more customers in the same instance. To be able to handle multiple clients in the same instance, Muse® Proxy is differentiating between the client instances using the application ID in the client filtering path. Even for a single Muse® Proxy application its name must be configured. This ensures uniformity and a smooth extension in the future.
Cache Status and Files
Muse® Proxy provides statistic information about the objects stored in its cache: Files Cached, Cache Max Objects, Cache Max Size, Cache Min Free Space, Bytes Cached, Hits, Misses.
This section provides detailed information about the cache files:
- URL - the URL of the cached object;
- Last Access Time - the date when the cached object was last accessed;
- Size(B) - the size (in bytes) of the cached object.
Several useful utilities are available for managing Muse® Proxy:
- generate HMAC links used for transparent log-on from a portal so that the end-user is not requested an explicit authentication to Muse® Proxy;
- rewrite a URL through Muse® Proxy;
- un-rewrite a Muse® Proxy rewritten URL;
- test which sourceID is detected for a certain application when receiving only the url/qurl parameter;
- encrypt/decrypt passwords using the SHA1, MD5 and DES encryption algorithms;
- troubleshoot filter configurations via regular expression by Find and Replace.
Advanced operations of the Muse® Proxy can be performed directly from the web interface. This section is used to perform operations like cleaning the proxy PAC cache, refreshing the applications and configuration.
- Clean Proxy PAC Cache;
- Refresh Applications;
- Refresh Configuration;
- Refresh java.policy.
Managing assigned keystores is also available from this section of the Muse® Proxy. The displayed fields are:
- File name - The keystore file name;
- IP - The IP for which the current keystore is assigned;
- Common name - The certificate common name;
- Validity - The validity of first certificate from certificate chain.
Add, edit, delete and more actions are available. There are also available: generate a self signed certificate, import a certificate, upload a keystore.
Usage limit counters store the current number of requests and accumulated traffic corresponding to the defined window interval, last update time for a limit rule defined in an application.
Users can be suspended is they exceeded the application usage limits defined in the limits application file. They cannot login in the corresponding application or navigate on any source in the existent session until the ban time expires or it is explicitly unsuspended by the administrator.