Shibboleth authentication for OJS is actually configured in config.inc.php:
This assumes that you have already enabled and configured mod_shib in Apache, or enabled the Shibboleth filter in IIS.
EZProxy wouldn’t really give you a good authentication model, but it could be used as an authorization model, if needed. The difference is authentication would map to an OJS user for reader/reviewer/editorial interaction, whereas authorization would map to an OJS subscription if your articles are paywalled.
My goal is NOT to install a new OJS instance while providing a shibboleth authentication using my institution login (we called NETID)
I believe that either (1) using institutional accounts with its built-in shibboleth authentication system or (2) using an external resource can do this. If my assumption is correct, I will choose one of the two solutions.
I am aiming toward implementing this locally here at Pitt. We’ve done some initial testing to confirm viability. I anticipate needing to change the usernames of our Shib users to scoped usernames, which will mean needing to relax the current username requirements which prohibit the @ sign. You may or may not want to consider that a requirement.