How Web Access Management Works
Web Access Management forwards requests to a remote server by having all requests routed through the Innovative Web server.
For example, a library has acquired an account for Lexis-Nexis and wants to offer its patrons a link to this database. This library has set up three logins that are used by the Innovative Web server:
HTTP ACCESS ADMINISTRATION
REMOTE HOST ACCESS? LOGIN NAME SERVICE LEVEL
1 > 123.456.78. Yes webpac1 4
2 > 123.456.90. Yes webpac2 6
3 > all Yes webremote 0
The library can insert a direct link to Lexis-Nexis, e.g.,
<A HREF=http://www.lexis-nexis.com.universe>Go to Lexis-Nexis</A>
in the Main Menu page or in a MARC 856 field in a bibliographic record. This link will retrieve the initial Lexis-Nexis page for local client browsers. However, the Lexis-Nexis server will not allow access by those client browsers that are not located on campus, because these remote browsers are not considered within the library's account. The diagram below illustrates how client browsers access the Innovative Web Server and Lexis-Nexis when the Web Access Management feature is not implemented:
In the diagram above, the webpac1, webpac2, and webremote logins used by the Innovative Web server are represented by the green, blue, and purple arrows, respectively. In addition to accessing the Innovative Web server, the local client browsers could successfully access the Lexis-Nexis server using its actual IP name or address (black arrows), because these logins are recognized by the server as having access through the library's account (i.e., their IP addresses are known to the Lexis-Nexis server). The remote client browsers, however, can see the link to Lexis-Nexis in the library's Main Menu page or a bibliographic record's MARC 856 field, but are not able to access the server (red arrows), because their IP addresses are unknown to the Lexis-Nexis server.
Using the Web Access Management feature, the Innovative server acts as an intermediary host and forwards the requests to the remote server. The remote server never sees the client's IP address, since the Innovative server is making the request rather than the client browser. The system then routes the data from the remote server back to the client, as illustrated below:
In the diagram above, all Lexis-Nexis requests made by webpac1 and webpac2 logins are forwarded by the Innovative Proxy Server (green and blue arrows). The webremote login (purple arrow) is not allowed to access the Lexis-Nexis server. Additionally, the library could specify that patron verification be performed for the webpac1 and/or webpac2 logins.
Because each forwarded request uses the Innovative Proxy Server as the intermediary, the request counts as a WebPAC login using one of the library's user licenses, unless the library has the unlimited WebPAC logins feature. However, WebPAC logins expire after two minutes of inactivity, so their impact on the library's license resources is minimal (for a discussion of WebPAC logins, see Administering User Accounts).