Changes to Digimap Registration

On Friday 12 December, EDINA will make a small change to the Digimap registration pages. Currently, users logging in to Digimap with new (un-registered) login credentials are given the option to link their new details with an existing registration that they may have with Digimap. This option was implemented to aid the transition between Athens and the UK Federation in August 2008.

EDINA has discovered that many users are not logging out of the UK Federation properly, and are inadvertently allowing other individuals to access services using their login details. This is because the only way to log out of the UK Federation is to close *all* browser windows.

As a result of this, some Digimap users are linking their Digimap registration with the UK Federation login details of other users who are not registered with Digimap. This allows both users access to the service, when only one individual has agreed to the terms of the licence.

In order to avoid this problem, EDINA is removing the option to link a new registration with an existing registration. This change will take effect from the evening of Friday 12 December 2008. Users registering for Digimap with a new set of login details will be automatically requested to submit these details as a new registration. This simplifies the registration process and ensures that users cannot link accounts inappropriately.

If you have questions about this change, or would like to discuss it further, please do not hesitate to contact us.

Logging Out

EDINA has identified a number of cases where one user has inadvertently registered with Digimap using another individual’s login details. We believe that this may have occurred because the first user has finished using a public access machine but has left their web browser open. This means that the browser is still logged in to the UK Federation with that user’s login credentials.

In order to log out of the UK Federation it is necessary to close ALL web browser windows. This is particularly important if the user is not required to log out of the machine they are using.

Site representatives and local support staff may wish to remind their local users of any local protocols for logging out of electronic systems.

Are you fully “Shibbolised”?

From 1 August 2008, access to Digimap will be via the UK federation only. If your institution has not made appropriate provision for this change, users at your institution will not be able to gain access to any Digimap Collection.

While there is a considerable volume of documentation about the transition between Athens and Shibboleth, there are one or two points relating to Digimap which may have been overlooked and which we would like to draw to your attention.

User Accountability
Regardless of which method your institution is employing to access Digimap, it will need to assert user accountability. Broadly speaking, this means that the institution must be able to trace activity in any given session to an individual. User identifiers must not be reused or recycled according to a specific policy, and access to resources must be withdrawn in a timely fashion, when appropriate. You can read more about asserting user accountability in the UK federation’s Rules of Membership (section 6, here: http://www.ukfederation.org.uk/library/uploads/Documents/rules-of-membership.pdf) and on the UK federation website (point 9, here: http://www.ukfederation.org.uk/content/Documents/AttributeUsageNotes).

If your institution is not asserting user accountability, all users will be denied access to all Digimap Collections, except Historic Digimap.

OpenAthens
If your institution is using OpenAthens, it will be necessary to have a virtual Identity Provider with Eduserv in order for your institution to be able to assert user accountability. Accessing Digimap using the “Eduserv Athens” option in the WAYF will not give your users access to Digimap, since it is not possible to assert user accountability by this method.

Error Messages
If your institution does not yet assert user accountability, you will see a message to this effect when you try to log in to Digimap. If you see this message, please contact someone in your institution who deals with your UK federation implementation. EDINA cannot change this for you.

Using a local Identity Provider
If your institution is running its own Identity Provider, you may find the list of technical requirements on the EDINA website useful. If you are having trouble accessing Digimap while testing your Shibboleth implementation, please check that your Identity Provider is releasing the appropriate attributes, as given in the above list.

No UK federation?
If your institution has not registered with the UK federation, does not have an in-house Identity Provider or has not registered with OpenAthens, action is required as soon as possible. Setting up access to online resources via the UK federation is not an instant process.

EDINA has identified from publicly available lists that there are some institutions subscribing to Digimap which appear not to be registered either with the UK federation or with OpenAthens. Users at these institutions will not be able to access Digimap at all from 1 August 2008.

If your institution is unable to set up access to online resources via the UK federation by 1 August, please contact the EDINA Helpdesk, where we will refer you to JISC Collections. You can telephone us on 0131 650 3302 or contact us by email: edina@ed.ac.uk

Re-registration – retaining personalisation

The imminent changes to authentication mechanisms across the UK tertiary education sector have implications for access to Digimap. A change of login credentials may mean that users are required to re-register with Digimap in order to continue accessing the service.

From 1 August 2008, access to Digimap will be via the UK federation only. This will mean that all subscribing institutions must offer their users access to Digimap through one of two methods:

1. using OpenAthens
2. via an in-house Shibboleth Identity Provider

Whichever method your institution chooses, one of the following re-registration consequences will apply:

  • Users who are already registered and continue to access Digimap through the OpenAthens service should not be required to re-register for Digimap.
  • Users who are already accessing Digimap using their institution’s in-house Shibboleth Identity Provider (i.e. are already registered with their Shibboleth credentials) will also not be required to re-register.
  • Institutions moving from classic Athens or Athens DA authentication to using their own in-house Shibboleth Identity Provider should be prepared for all their Digimap users having to re-register.

This applies to all those Digimap Collections which require a secondary registration (currently Marine Digimap, Geology Digimap and Digimap’s Ordnance Survey Collection). Any change to an institutional login account will result in a requirement for users to re-register their new account details with Digimap. Indeed, those who have already made the transition from Athens to Shibboleth will already have undertaken this re-registration.

When users are issued with UK federation login credentials, they will need to register these new credentials with Digimap. However, this means that any personalisation (including data download histories for MasterMap Download) associated with their previous (Athens) accounts will not be accessible through their new account. To ease the transition process, EDINA has implemented a linking mechanism between existing Athens registrations and new Shibboleth registrations. This is a two-stage process:

Stage 1
The first stage is to collect some additional information from each user, in the form of a question and answer, while they are still accessing Digimap with their Athens-based login credentials. For example, the user may be asked “what is your favourite place?”, to which the reply might be “New York”. From the date of implementation of this facility, all Digimap users have been asked to complete this process when they log in. This additional step is only required once, not once per Collection, but must be completed before access can be gained to the service.

Stage 2
The second stage of the linking mechanism occurs when a user logs in with a new set of (UK federation-based) credentials which have not yet been registered with Digimap, and will only occur if the user has completed the first stage of the process with their previous account details. With these new credentials the user is guided through an abbreviated form of the Digimap registration process. If the details submitted by the user (surname and email address) match an existing set of details, the user will be asked to confirm the answer to their chosen question (as per stage one). Assuming the question is answered correctly, the two registration records will then be linked and any personalisation within Digimap will be available to the user under their new login credentials.

This process is not able to catch all new account holders, since it relies on users submitting a surname and email address for their new login credentials which are identical to those they submitted using their previous (Athens) credentials. For example, an email address submitted with Athens credentials as user@student.institution.ac.uk will not match an email address submitted with the same individual’s UK federation credentials as user@institution.ac.uk, even though both addresses may function, and may reach the same person. We also understand from our site representatives that some users don’t always spell their surnames the same way!
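The two-stage linking check and its exact-match limitation can be sketched as follows. This is an added illustration, not EDINA's code: the `Registry` class, the login identifiers, the surname and the salted-hash storage of answers are all assumptions, while the email addresses and the question are the ones used in the text above.

```python
import hashlib
import hmac
import os


def _digest(answer, salt):
    # Assumption: answers are kept as salted hashes; the page does not say how they are stored.
    return hashlib.pbkdf2_hmac("sha256", answer.encode(), salt, 100_000)


class Registry:
    """Hypothetical in-memory stand-in for the Digimap registration records."""

    def __init__(self):
        self.records = {}  # login id -> registration record

    def stage1(self, login_id, surname, email, question, answer):
        """Stage 1: store a question and answer while the user still logs in with Athens."""
        salt = os.urandom(16)
        self.records[login_id] = {
            "surname": surname, "email": email, "question": question,
            "salt": salt, "answer": _digest(answer, salt), "linked": set(),
        }

    def stage2(self, new_login_id, surname, email, answer):
        """Stage 2: try to link an unregistered federation login to an existing record."""
        match = next(
            (r for r in self.records.values()
             if r["surname"] == surname and r["email"] == email),  # identical strings only
            None,
        )
        if match is None:
            return "new-registration"  # nothing to link; personalisation is not carried over
        if not hmac.compare_digest(_digest(answer, match["salt"]), match["answer"]):
            return "answer-rejected"
        match["linked"].add(new_login_id)
        return "linked"


def demo():
    # Constructed sample data; the addresses and the question come from the text above.
    reg = Registry()
    reg.stage1("athens-0001", "Smith", "user@student.institution.ac.uk",
               "what is your favourite place?", "New York")
    return [
        reg.stage2("fed-aaaa", "Smith", "user@institution.ac.uk", "New York"),
        reg.stage2("fed-aaaa", "Smith", "user@student.institution.ac.uk", "Paris"),
        reg.stage2("fed-aaaa", "Smith", "user@student.institution.ac.uk", "New York"),
    ]
```

`demo()` returns the three outcomes in order: no link for the differing address, a rejected answer, then a successful link. Note that `new_login_id` comes from whichever federation session the browser currently holds, so the check verifies what the person typing knows, not whose login is being linked.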

Those users who do not log in with their Athens accounts and complete stage one of this process will not be able to link their existing account to any new account. Such users will need to register their new UK federation accounts in the usual way, and will not be able to retain any personalisation which existed with their previous account. Those users who already have both Athens and UK federation accounts registered with Digimap will not be able to link personalisation information between the two. However, logging in with a new Shibboleth account will allow users to link to a previous Shibboleth account.

This information has previously been published in EDINA Newsline (June 2008). An email with this information was also sent to all users on 12 June 2008.

Access to Digimap from 1 August

Access to all EDINA services, including the Digimap Collections, will be via UK Federation authentication only from 1 August 2008. This can be done either directly through the UK Federation or by using the OpenAthens gateway services.

EDINA has established from publicly available lists that there are some institutions which have not yet indicated which authentication system they will be using from 1 August 2008.

If your institution is not able to authenticate users with one of these methods by 1 August 2008, users at your institution will lose access to the Digimap Collections. EDINA is not able to provide any alternative means of access; we would therefore urge you to consider which authentication system is most suitable for your institution’s needs.

Further Information
You may find the following links helpful:
  • UK Federation support information
  • More about OpenAthens
  • JISC news on UK Federation
  • Options for access to EDINA services

If you have any questions about access to Digimap, or would like to discuss the implications of this change further, please do not hesitate to contact us. You can reach us by email on edina@ed.ac.uk or by telephone on 0131 650 3302.