3 === About the SIP Protocol ===
5 indexterm:[Automated Circulation System]
7 indexterm:[Automated Material Handling]
9 +SIP+, standing for +Standard Interchange Protocol+, was developed by the +3M corporation+ to be a common
10 protocol for data transfer between ILS' (referred to in +SIP+ as an _ACS_, or _Automated Circulation System_) and a
11 third party device. Originally, the protocol was developed for use with _3M SelfCheck_ (often abbreviated SC, not to
12 be confused with Staff Client) systems, but has since expanded to other companies and devices. It is now common
13 to find +SIP+ in use in several other vendors' SelfCheck systems, as well as other non-SelfCheck devices. Some
16 * Patron Authentication (computer access, subscription databases)
17 * Automated Material Handling (AMH)
18 ** The automated sorting of items, often to bins or book carts, based on shelving location or other programmable
21 === Installing the SIP Server ===
25 This is a rough intro to installing the +SIP+ server for Evergreen.
30 Current +SIP+ server code lives at in the Evergreen git repository:
33 git clone git://git.evergreen-ils.org/SIPServer.git SIPServer
36 Configuring the Server
37 ^^^^^^^^^^^^^^^^^^^^^^
39 indexterm:[configuration files, oils_sip.xml]
41 . Type the following commands from the command prompt:
45 $ cp oils_sip.xml.example oils_sip.xml
47 . Edit oils_sip.xml. Change the commented out <server-params> section to this:
56 . max_servers will directly correspond to the number of allowed +SIP+ clients. Set the number accordingly, but
57 bear in mind that too many connections can exhaust memory. On a 4G RAM/4 CPU server (that is also running
58 evergreen), it is not recommended to exceed 100 +SIP+ client connections.
60 ===== Setting the encoding =====
62 SIPServer looks for the encoding in the following
65 1. An +encoding+ attribute on the +account+ element for the currently active SIP account.
66 2. The +encoding+ element that is a child of the +institution+ element of the currently active SIP account.
67 3. The +encoding+ element that is a child of the +implementation_config+ element that is itself a child of the +institution+ element of the currently active SIP account.
68 4. If none of the above exist, then the default encoding (ASCII) is used.
70 Option 3 is a legacy option. It is recommended that you alter your configuration to
71 move this element out of the +implementation_config+ element and into
72 its parent +institution+ element. Ideally, SIPServer should *not* look into
73 the implementation config, and this check may be removed at some time
78 The `msg64_hold_datatype` setting is similar to `msg64_summary_datatype`, but affects holds instead of circulations.
79 When set to `barcode`, holds information will be delivered as a set of copy barcodes instead of title strings for
80 patron info requests. With barcodes, SIP clients can both find the title strings for display (via item info requests)
81 and make subsequent hold-related action requests, like holds cancellation.
84 ==== Adding SIP Users ====
86 indexterm:[configuration files, oils_sip.xml]
88 . Type the following commands from the command prompt:
93 . In the +<accounts>+ section, add +SIP+ client login information. Make sure that all +<logins>+ use the same
94 institution attribute, and make sure the institution is listed in +<institutions>+. All attributes in the
95 +<login>+ section will be used by the +SIP+ client.
97 . In Evergreen, create a new profile group called +SIP+. This group should be a sub-group of +Users+ (not +Staff+
98 or +Patrons+). Set _Editing Permission_ as *group_application.user.sip_client* and give the group the following
106 VIEW_COPY_CHECKOUT_HISTORY
109 VIEW_USER_FINES_SUMMARY
110 VIEW_USER_TRANSACTIONS
115 INSERT INTO permission.grp_tree (name,parent,description,application_perm)
116 VALUES ('SIP', 1, 'SIP2 Client Systems', 'group_application.user.sip_client');
119 permission.grp_perm_map (grp, perm, depth, grantable)
123 permission.grp_tree g,
124 permission.perm_list p
132 'VIEW_COPY_CHECKOUT_HISTORY',
133 'VIEW_PERMIT_CHECKOUT',
135 'VIEW_USER_FINES_SUMMARY',
136 'VIEW_USER_TRANSACTIONS'
143 FROM permission.grp_perm_map pgpm
144 INNER JOIN permission.perm_list ppl ON pgpm.perm = ppl.id
145 INNER JOIN permission.grp_tree pgt ON pgt.id = pgpm.grp
146 WHERE pgt.name = 'SIP';
150 . For each account created in the +<login>+ section of oils_sip.xml, create a user (via the staff client user
151 editor) that has the same username and password and put that user into the +SIP+ group.
155 The expiration date will affect the +SIP+ users' connection so you might want to make a note of this
162 To start the +SIP+ server type the following commands from the command prompt:
167 $ oils_ctl.sh -a [start|stop|restart]_sip
180 It is useful to log +SIP+ requests to a separate file especially during initial setup by modifying your syslog config file.
184 $ sudo vi /etc/syslog.conf # maybe /etc/rsyslog.conf
189 local6.* -/var/log/SIP_evergreen.log
191 . Syslog expects the logfile to exist so create the file.
193 $ sudo touch /var/log/SIP_evergreen.log
197 $ sudo /etc/init.d/sysklogd restart
200 ===== Syslog-NG =====
202 indexterm:[syslog-NG]
204 . Edit logging config.
206 sudo vi /etc/syslog-ng/syslog-ng.conf
210 # +SIP2+ for Evergreen
211 filter f_eg_sip { level(warn, err, crit) and facility(local6); };
212 destination eg_sip { file("var/log/SIP_evergreen.log"); };
213 log { source(s_all); filter(f_eg_sip); destination(eg_sip); };
215 . Syslog-ng expects the logfile to exist so create the file.
217 $ sudo touch /var/log/SIP_evergreen.log
221 $ sudo /etc/init.d/syslog-ng restart
227 Testing Your SIP Connection
228 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
230 * In the root directory of the SIPServer code:
234 * Edit SIPtest.pm, change the $instid, $server, $username, and $password variables. This will be
235 enough to test connectivity. To run all tests, you'll need to change all the variables in the _Configuration_ section.
237 $ PERL5LIB=../ perl 00sc_status.t
239 This should produce something like:
243 ok 1 - Invalid username
244 ok 2 - Invalid username
248 * Don't be dismayed at *Invalid Username*. That's just one of the many tests that are run.
250 ==== More Testing ====
252 Once you have opened up either the +SIP+ OR +SIP2+ ports to be accessible from outside you can do some testing
253 via +telnet+. In the following tests:
255 * Replace +$server+ with your server hostname (or +localhost+ if you want to
256 skip testing external access for now);
257 * Replace +$username+, +$password+, and +$instid+ with the corresponding values
258 in the +<accounts>+ section of your SIP configuration file;
259 * Replace the +$user_barcode+ and +$user_password+ variables with the values
261 * Replace the +$item_barcode+ variable with the values for a valid item.
264 Comments because we don't want to indent these numbered bullets!
267 . Start by testing your ability to log into the SIP server:
270 ======================
271 We are using 6001 here which is associated with +SIP2+ as per our configuration.
272 ======================
274 $ telnet $server 6001
275 Connected to $server.
276 Escape character is '^]'.
277 9300CN$username|CO$password|CP$instid
279 If successful, the SIP server returns a +941+ result. A result of +940+,
280 however, indicates an unsuccessful login attempt. Check the +<accounts>+
281 section of your SIP configuration and try again.
283 . Once you have logged in successfully, replace the variables in the following
284 line and paste it into the telnet session:
286 2300120080623 172148AO$instid|AA$user_barcode|AC$password|AD$user_password
288 If successful, the SIP server returns the patron information for $user_barcode,
289 similar to the following:
291 24 Y 00120100113 170738AEFirstName MiddleName LastName|AA$user_barcode|BLY|CQY
292 |BHUSD|BV0.00|AFOK|AO$instid|
294 The response declares it is a valid patron BLY with a valid password CQY and shows the user's +$name+.
296 . To test the SIP server's item information response, issue the following request:
298 1700120080623 172148AO$instid|AB$item_barcode|AC$password
300 If successful, the SIP server returns the item information for $item_barcode,
301 similar to the following:
303 1803020120160923 190132AB30007003601852|AJRégion de Kamouraska|CK001|AQOSUL|APOSUL|BHCAD
304 |BV0.00|BGOSUL|CSCA2 PQ NR46 73R
306 The response declares it is a valid item, with the title, owning library,
307 permanent and current locations, and call number.
311 === SIP Communication ===
313 indexterm:[SIP Server, SIP Communication]
315 +SIP+ generally communicates over a +TCP+ connection (either raw sockets or over +telnet+), but can also
316 communicate via serial connections and other methods. In Evergreen, the most common deployment is a +RAW+ socket
317 connection on port 6001.
319 +SIP+ communication consists of strings of messages, each message request and response begin with a 2-digit
320 ``command'' - Requests usually being an odd number and responses usually increased by 1 to be an even number. The
321 combination numbers for the request command and response is often referred to as a _Message Pair_ (for example,
322 a 23 command is a request for patron status, a 24 response is a patron status, and the message pair 23/24 is patron
323 status message pair). The table in the next section shows the message pairs and a description of them.
325 For clarification, the ``Request'' is from the device (selfcheck or otherwise) to the ILS/ACS. The response is… the
326 response to the request ;).
328 Within each request and response, a number of fields (either a fixed width or separated with a | [pipe symbol] and
329 preceded with a 2-character field identifier) are used. The fields vary between message pairs.
331 |===========================================================================
332 | *Pair* | *Name* | *Supported?* |*Details*
333 | 01 | Block Patron | Yes |<<sip_01_block_patron, 01/Block_Patron>> - ACS responds with 24 Patron Status Response
334 | 09-10 | Checkin | Yes (with extensions) |<<sip_09-10_checkin, 09/10_Checkin>>
335 | 11-12 | Checkout | Yes (no renewals) |<<sip_11-12_checkout, 11/12_Checkout>>
336 | 15-16 | Hold | Partially supported |<<sip_15-16_hold, 15/16_Hold>>
337 | 17-18 | Item Information | Yes (no extensions) |<<sip_17-18_item_information, 17/18_Item_Information>>
338 | 19-20 | Item Status Update | No |<<sip_19-20_item_status_update, 19/20_Item_Status_Update>> - Returns Patron Enable response, but doesn't make any changes in EG
339 | 23-24 | Patron Status | Yes |<<sip_23-24_patron_status, 23/24_Patron_Status>> - 63/64 ``Patron Information'' preferred
340 | 25-26 | Patron Enable | No |<<sip_25-26_patron_enable, 25/26_Patron_Enable>> - Used during system testing and validation
341 | 29-30 | Renew | Yes |<<sip_29-30_renew, 29/30_Renew>>
342 | 35-36 | End Session | Yes |<<sip_35-36_end_session, 35/36_End_Session>>
343 | 37-38 | Fee Paid | Yes |<<sip_37-38_fee_paid, 37/38_Fee_Paid>>
344 | 63-64 | Patron Information | Yes (no extensions) |<<sip_63-64_patron_information, 63/64_Patron_Information>>
345 | 65-66 | Renew All | Yes |<<sip_65-66_renew_all, 65/66_Renew_All>>
346 | 93-94 | Login | Yes |<<sip_93-94_login, 93/94_Login>> - Must be first command to Evergreen ACS (via socket) or +SIP+ will terminate
347 | 97-96 | Resend last message | Yes |<<sip_97-96_resend, 97/96_Resend>>
348 | 99-98 | SC-ACS Status | Yes |<<sip_99-98_sc_and_acs_status, 99/98_SC_and_ACS_Status>>
349 |===========================================================================
351 [#sip_01_block_patron]
353 ==== 01 Block Patron ====
355 indexterm:[SelfCheck]
357 A selfcheck will issue a *Block Patron* command if a patron leaves their card in a selfcheck machine or if the
358 selfcheck detects tampering (such as attempts to disable multiple items during a single item checkout, multiple failed
361 In Evergreen, this command does the following:
363 * User alert message: _CARD BLOCKED BY SELF-CHECK MACHINE_ (this is independent of the AL _Blocked
364 Card Message_ field).
366 * Card is marked inactive.
368 The request looks like:
370 01<card retained><date>[fields AO, AL, AA, AC]
372 _Card Retained_: A single character field of Y or N - tells the ACS whether the SC has retained the card (ex: left in
375 _Date_: An 18 character field for the date/time when the block occurred.
377 _Format_: YYYYMMDDZZZZHHMMSS (ZZZZ being zone - 4 blanks when local time, ``Z'' (3 blanks and a Z)
378 represents UTC(GMT/Zulu)
380 _Fields_: See <<fields, Fields>> for more details.
382 The response is a 24 ``Patron Status Response'' with the following:
384 * Charge privileges denied
385 * Renewal privileges denied
386 * Recall privileges denied (hard-coded in every 24 or 64 response)
387 * hold privileges denied
388 * Screen Message 1 (AF): _blocked_
393 ==== 09/10 Checkin ====
395 ~The request looks like:
397 09<No block (Offline)><xact date><return date>[Fields AP,AO,AB,AC,CH,BI]
399 _No Block (Offline)_: A single character field of _Y_ or _N_ - Offline transactions are not currently supported so send _N_.
401 _xact date_: an 18 character field for the date/time when the checkin occurred. Format:
402 YYYYMMDDZZZZHHMMSS (ZZZZ being zone - 4 blanks when local time, ``Z'' (3 blanks and a Z) represents
405 _Fields_: See <<fields, Fields>> for more details.
407 The response is a 10 ``Checkin Response'' with the following:
409 10<resensitize><magnetic media><alert><xact date>[Fields AO,AB,AQ,AJ,CL,AA,CK,CH,CR,CS,CT,CV,CY,DA,AF,AG]
411 Example (with a remote hold):
413 09N20100507 16593720100507 165937APCheckin Bin 5|AOBR1|AB1565921879|ACsip_01|
415 101YNY20100623 165731AOBR1|AB1565921879|AQBR1|AJPerl 5 desktop reference|CK001|CSQA76.73.P33V76 1996
416 |CTBR3|CY373827|DANicholas Richard Woodard|CV02|
418 Here you can see a hold alert for patron CY _373827_, named DA _Nicholas Richard Woodard_, to be picked up at CT
419 ``BR3''. Since the transaction is happening at AO ``BR1'', the alert type CV is 02 for _hold at remote library_. The
420 possible values for CV are:
428 * 03: ILL transfer (not used by EG)
434 indexterm:[magnetic media]
438 The logic for Evergreen to determine whether the content is magnetic_media comes from
439 or search_config_circ_modifier. The default is non-magnetic. The same is true for media_type (default
440 001). Evergreen does not populate the collection_code because it does not really have any, but it will provide
441 the call_number where available.
443 Unlike the +item_id+ (barcode), the +title_id+ is actually a title string, unless the configuration forces the
444 return of the bib ID.
446 Don't be confused by the different branches that can show up in the same response line.
448 * AO is where the transaction took place,
450 * AQ is the ``permanent location'', and
452 * CT is the _destination location_ (i.e., pickup lib for a hold or target lib for a transfer).
455 [#sip_11-12_checkout]
457 ==== 11/12 Checkout ====
464 Evergreen supports the Hold message for the purpose of canceling
465 holds. It does not currently support creating hold requests via SIP2.
468 [#sip_17-18_item_information]
470 17/18 Item Information
471 ^^^^^^^^^^^^^^^^^^^^^^
473 The request looks like:
475 17<xact_date>[fields: AO,AB,AC]
477 The request is very terse. AC is optional.
479 The following response structure is for +SIP2+. (Version 1 of the protocol had only 6 total fields.)
481 18<circulation_status><security_marker><fee_type><xact_date>
482 [fields: CF,AH,CJ,CM,AB,AJ,BG,BH,BV,CK,AQ,AP,CH,AF,AG,+CT,+CS]
486 1720060110 215612AOBR1|ABno_such_barcode|
488 1801010120100609 162510ABno_such_barcode|AJ|
490 1720060110 215612AOBR1|AB1565921879|
492 1810020120100623 171415AB1565921879|AJPerl 5 desktop reference|CK001|AQBR1|APBR1|BGBR1
493 |CTBR3|CSQA76.73.P33V76 1996|
495 The first case is with a bogus barcode. The latter shows an item with a circulation_status of _10_ for _in transit between
496 libraries_. The known values of +circulation_status+ are enumerated in the spec.
498 indexterm:[Automated Material Handling (AMH)]
500 EXTENSIONS: The CT field for _destination location_ and CS _call number_ are used by Automated Material Handling
504 [#sip_19-20_item_status_update]
506 ==== 19/20 Item Status Update ====
509 [#sip_23-24_patron_status]
516 2300120060101 084235AOUWOLS|AAbad_barcode|ACsip_01|ADbad_password|
518 24YYYY 00120100507 013934AE|AAbad_barcode|BLN|AOUWOLS|
520 2300120060101 084235AOCONS|AA999999|ACsip_01|ADbad_password|
522 24 Y 00120100507 022318AEDoug Fiander|AA999999|BLY|CQN|BHUSD|BV0.00|AFOK|AOCONS|
524 2300120060101 084235AOCONS|AA999999|ACsip_01|ADuserpassword|LY|CQN|BHUSD|BV0.00|AFOK|AOCONS|
526 24 Y 00120100507 022803AEDoug Fiander|AA999999|BLY|CQY|BHUSD|BV0.00|AFOK|AOCONS|
528 . The BL field (+SIP2+, optional) is _valid patron_, so the _N_ value means _bad_barcode_ doesn't match a patron, the
529 _Y_ value means 999999 does.
531 . The CQ field (+SIP2+, optional) is _valid password_, so the _N_ value means _bad_password_ doesn't match 999999's
532 password, the _Y_ means _userpassword_ does.
534 So if you were building the most basic +SIP2+ authentication client, you would check for _|CQY|_ in the response to
535 know the user's barcode and password are correct (|CQY| implies |BLY|, since you cannot check the password
536 unless the barcode exists). However, in practice, depending on the application, there are other factors to consider in
537 authentication, like whether the user is blocked from checkout, owes excessive fines, reported their card lost, etc.
538 These limitations are reflected in the 14-character _patron status_ string immediately following the _24_ code. See the
539 field definitions in your copy of the spec.
542 [#sip_25-26_patron_enable]
552 ==== 29/30 Renew ====
554 Evergreen supports the Renew message. Evergreen checks whether a penalty is specifically configured to block
555 renewals before blocking any SIP renewal.
558 [#sip_35-36_end_session]
560 ==== 35/36 End Session ====
562 3520100505 115901AOBR1|AA999999|
564 36Y20100507 161213AOCONS|AA999999|AFThank you!|
566 The _Y/N_ code immediately after the 36 indicates _success/failure_. Failure is not particularly meaningful or important
567 in this context, and for evergreen it is hardcoded _Y_.
571 [#sip_37-38_fee_paid]
576 Evergreen supports the Fee Paid message.
579 [#sip_63-64_patron_information]
581 63/64 Patron Information
582 ^^^^^^^^^^^^^^^^^^^^^^^^
584 Attempting to retrieve patron info with a bad barcode:
586 6300020060329 201700 AOBR1|AAbad_barcode|
588 64YYYY 00020100623 141130000000000000000000000000AE|AAbad_barcode|BLN|AOBR1|
590 Attempting to retrieve patron info with a good barcode (but bad patron password):
592 6300020060329 201700 AOBR1|AA999999|ADbadpwd|
594 64 Y 00020100623 141130000000000000000000000000AA999999|AEDavid J. Fiander|BHUSD|BV0.00
595 |BD2 Meadowvale Dr. St Thomas, ON Canada
597 90210|BEdjfiander@somemail.com|BF(519) 555 1234|AQBR1|BLY|CQN|PB19640925|PCPatrons
598 |PIUnfiltered|AFOK|AOBR1|
600 See <<sip_23-24_patron_status, 23/24 Patron Status>> for info on +BL+ and +CQ+ fields.
604 [#sip_65-66_renew_all]
606 ==== 65/66 Renew All ====
608 Evergreen supports the Renew All message.
618 9300CNsip_01|CObad_value|CPBR1|
620 [Connection closed by foreign host.]
623 9300CNsip_01|COsip_01|CPBR1|
627 _941_ means successful terminal login. _940_ or getting dropped means failure.
629 When using a version of SIPServer that supports the feature, the Location (CP) field of the Login (93) message will be used as the workstation name if supplied. Blank or missing location fields will be ignored. This allows users or reports to determine which selfcheck performed a circulation.
634 ==== 97/96 Resend ====
637 [#sip_99-98_sc_and_acs_status]
639 ==== 99/98 SC and ACS Status ====
641 99<status code><max print width><protocol version>
643 All 3 fields are required:
647 * 1: SC is out of paper
649 * 2: SC shutting down
651 * status code - 1 character
653 * max print width - 3 characters - the integer number of characters the client can print
655 * protocol version - 4 characters - x.xx
657 98<on-line status><checkin ok><checkout ok><ACS renewal policy>
658 <status update ok><offline ok><timeout period>
660 <retries allowed><date/time sync><protocol version><institution id>
661 <library name><supported messages><terminal
663 location><screen message><print line>
669 98YYYYNN60000320100510 1717202.00AOCONS|BXYYYYYYYYYNYNNNYN|
671 The Supported Messages field +BX+ appears only in +SIP2+, and specifies whether 16 different +SIP+ commands are
672 supported by the +ACS+ or not.
679 All fixed-length fields in a communication will appear before the first variable-length field. This allows for simple
680 parsing. Variable-length fields are by definition delimited, though there will not necessarily be an initial delimiter
681 between the last fixed-length field and the first variable-length one. It would be unnecessary, since you should know
682 the exact position where that field begins already.
685 === Patron privacy and the SIP protocol ===
687 SIP traffic includes a lot of patron information, and is not
688 encrypted by default. It is strongly recommended that you
689 encrypt any SIP traffic.
691 ==== SIP server configuration ====
693 On the SIP server, use `iptables` or `etc/hosts` to allow SSH connections on port 22 from the SIP client machine. You will probably want to have very restrictive rules
694 on which IP addresses can connect to this server.
697 ==== SSH tunnels on SIP clients ====
699 SSH tunnels are a good fit for use cases like self-check machines, because it is relatively easy to automatically open the connection. Using a VPN is another option,
700 but many VPN clients require manual steps to open the VPN connection.
702 . If the SIP client will be on a Windows machine, install cygwin on the SIP client.
703 . On the SIP client, use `ssh-keygen` to generate an SSH key.
704 . Add the public key to /home/my_sip_user/.ssh/authorized_keys on your SIP server to enable logins without using the UNIX password.
705 . Configure an SSH tunnel to open before every connection. You can do this in several ways:
706 .. If the SIP client software allows you to run an arbitrary command before
707 each SIP connection, use something like this:
711 ssh -f -L 6001:localhost:6001 my_sip_user@my_sip_server.com sleep 10
714 .. If you feel confident that the connection won't get interrupted, you can have something like this run at startup:
718 ssh -f -N -L 6001:localhost:6001 my_sip_user@my_sip_server.com
721 .. If you want to constantly poll to make sure that the connection is still running, you can do something like this as a cron job or scheduled task on the SIP client machine:
725 instances=`/bin/ps -ef | /bin/grep ssh | /bin/grep -v grep | /bin/wc -l`
726 if [ $instances -eq 0 ]; then
727 echo "Restarting ssh tunnel"
728 /usr/bin/ssh -L 6001:localhost:6001 my_sip_user@my_sip_server.com -f -N