[OAI-implementers] Autentication in OAI-PMH

José Borbinha jlb at ist.utl.pt
Fri Jul 30 07:58:02 EDT 2010

Hi Filipe!
Please be aware that the "O" in "OAI" really intends to mean "Open"! In that
sense you are raising a relevant requirement for your project, but in fact it
intentionally never was a requirement for the OAI community...

Anyway, there are many "strategies" you can apply to still keep using the
basic OAI-PMH principles and on the same time apply your requirement... You
can start by using a VPN, but maybe other very simple one, that just came now
to my mind, would be to have from the server side an implementation of the
delivery of the data sets dependent from the IP address of the client (I mean,
you just need to customize a server for that, so for unknown IPs the server
gives the "public" data, and the "private" data only to known and previously
registered IPs...). Just an idea...

José Borbinha

-----Original Message-----
From: oai-implementers-bounces at openarchives.org
[mailto:oai-implementers-bounces at openarchives.org] On Behalf Of Filipe Correia
Sent: Friday, July 30, 2010 11:41 AM
To: oai-implementers at openarchives.org
Subject: [OAI-implementers] Autentication in OAI-PMH

Dear OAI Implementers,

I need your advice!

We're using OAI-PMH on a project, to make our records available to third
parties, but a new use-case has come up, and I'm starting to think maybe
OAI-PMH is not the best tool for the job. Please tell me what you think:

The overall idea is that not all harvesters are to be considered equal. By
default harvesters should have access to a specific subset of the data, that
is public to everyone. But some harvesters should be able to harvest a wider
range of data, including both "public" and "private" records. These "private"
records are records that are still being worked upon, or they have sensible
institutional information that is not to be made available to the "world".
This suggests that we'd need to provide an authentication mechanism of some
sort, and filter records according to each user. However, I'm not finding any
reference on the specs to Authentication.

Any help appreciated. Do you think OAI-PMH is applicable in this scenario?


Filipe Figueiredo Correia
PhD Student @ FEUP
Software Engineer @ ParadigmaXis

OAI-implementers mailing list
List information, archives, preferences and to unsubscribe:

More information about the OAI-implementers mailing list