Referer

Referer is a position-dependent config.txt/ezproxy.cfg directive that interacts with database definitions.

Overview

EZproxy normally operates as a URL rewriting proxy server which leverages IP authentication to provide remote users with access to databases. Referer directs EZproxy to use referring URL instead of proxied access to connect a user to a database.

Sample usage:

Referer secretcode

Title Some Database
URL http://www.somedb.com/
Domain somedb.com

The value of secretcode may be up to 32 characters chosen from letters, digits, hyphens (-), and underscores (_).

In this example, if a user accesses the starting point URL:

http://ezproxy.yourlib.org:2048/login?url=http://www.somedb.com/

then EZproxy will insure that the referring URL used for access is:

http://ezproxy.yourlib.org:2048/referer/ secretcode

This referring URL must be registered with the database vendor to allow access.

To enhance the security of referring URL, you can change the value of secretcode to other text strings and update the authorized referring URLs for your EZproxy server with your database vendor, with no need to change any of your existing EZproxy starting point URLs.

Personal privacy programs and access failure

Many personal privacy programs suppress referring URL authentication to protect privacy. If your users employ such products, access to databases that rely on referring URL authentication can fail while providing little to no clues for users why access failed. If you choose to use referring URL, you should insure that your support staff are prepared to deal with these additional support calls.

Mixing referring URL and proxied access

Referring URL authentication begins where Referer appears with a referring URL code and ends when Referer appears with no code. For instance,

Referer secretcode

Title Some Database
URL http://www.somedb.com/
Domain somedb.com

Referer

Title Other Database
URL http://www.otherdb.com/
Domain otherdb.com

Title Another Database
URL http://www.anotherdb.com/
Domain anotherdb.com

enables referring URL access for Some Database and proxied access for Other Database and Another Database.

Groups

The Referer directive is group-sensitive. When using group assignments with referring URL authentication, the Group directive should appear before the Referer directive. For example,

Group blue
Referer bluesecret

Group red
Referer redsecret
Title Some Database

URL http://www.somedb.com/
Domain somedb.com

configures Some Database to use referring URL and establishes that people who are members of the blue group will have

http://ezproxy.yourlib.org:2048/referer/bluesecret

as their referring URL, whereas members of the red group will have:

http://ezproxy.yourlib.org:2048/referer/redsecret

as their referring URL.

Users who are members of both the blue and red groups would have bluesecret in their referring URL.