weblogin.org
cosign: Overview of CoSign |
http://weblogin.org/overview.shtml
This is a somewhat simplified visual representation of Cosign authentication process and information flow. Time flows from the top of the diagram to the bottom. 'Weblogin' is the central cosign server, 'user' is the web user, and 'service' is a cosign-protected web server. In pdf, here are the two most common scenarios for initial authentication:. User visits weblogin first: cosigncase1.pdf. User visits service first: cosigncase2.pdf. Educause 2005 Cosign Presentation. Educause 2003 Cosign Presentation.
weblogin.org
cosign: License |
http://weblogin.org/license.shtml
The University of Michigan. C/o UM Webmaster Team. Ann Arbor, MI 48105-2785.
weblogin.org
cosign: FAQ |
http://weblogin.org/faq.shtml
Cosign Frequently Asked Questions. Building, Installation, and Administration. This guide covers downloading, building, configuring, and installing cosign on your web server. For documentation on the weblogin environment at the University of Michigan, please consult their documentation. How do I test that cosign is installed and running? HelloCosign.jsp says "Hello, null! When I run it. This is happening because Tomcat is not configured to use Apache's authentication. X80g x01 x03 x01. This is a fairly c...
weblogin.org
cosign: Filter |
http://weblogin.org/filter.shtml
Specification and UM Example Installation. In cosign parlance, an 'authentication filter' is the piece of software required on a web or application server to participate in the single sign-on and proxy environment. Authentication filters are available or in development for: Apache 1.3.x, Apache 2.x, IIS, J2EE. If you are interested in developing an authentication filter, send a note to the mailing list, and we'll get you started. Authentication Filter Installation Demo: 4th March 2003. Cosign Demo ( pdf ).
weblogin.org
cosign: Roadmap |
http://weblogin.org/roadmap.shtml
Including UM weblogin service rollout. New service registration mechanism. Tokencache API for filesystem or oracle backend (? External authenticators in the CGI. Multifactor authentication in the CGI. New Cosign v2 protocol. New version of libcgi, no more lex/yacc! IP changes trigger re-auth events. Dbhash support for filter and daemons. Removal of k4 support for filters. Kx509 and kct integration. Greater configuration flexibilty in filters. Friend enhancements - separate release. Apache 2.0 support.
weblogin.org
cosign: Download |
http://weblogin.org/download.shtml
Cosign Source Code and Installers. To verify checksum: openssl dgst -sha1 filename. Apache Filter and Weblogin Server:. See our change log for revision information: changelog.txt. Versions of cosign older than 3.0 have an architectural flaw (detailed here. New users of cosign should select the latest cosign 3 release for download. Existing legacy cosign installations should upgrade to cosign 3 as soon as possible. An overview of that process may be found here. Cosign-3.2.0.tar.gz. IISCosign 3.0.0.
weblogin.org
cosign: Building CoSign |
http://weblogin.org/build.shtml
To build the Apache filter you need Apache 1.3.X. Support for Apache 2.x is available. Your web server should have SSL enabled. You will need OpenSSL 0.9.7a or newer. Users of operating systems lacking a built-in source of entropy ( such as AIX ) will want to get prngd. To build the Apache authentication filter:. NOTE: On Redhat 9, kerberos is in a non-standard place, and so, by default, configure may not find it. So if you need to use kerberos ticket transfers, you will need to do the following. Make in...
