cosign-announce at umich.edu
cosign release and update announcements
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IISCosign 1.1.1 available for download
thanks for this, sounds good. We will start deploying this here ;)
Is the source for this version available at
http://cowboybebop.staff.itd.umich.edu/iiscosign/ ?? I tried to connect
before but was timing out.
Also, any idea on the date of the next release, as we would love the
kerberos stuff. In fact we need it for one of our applications. Is it
being developed now and in a state for us to test or not that far
On Sat, 2005-02-19 at 11:26, jarod@xxxxxxxxx wrote:
> IISCosign 1.1.1 is now availble for download from <http://weblogin.org>.
> This is being called 1.1.1 instead of 1.1.0 since the versioning with
> InstallShield was slightly off. Therefore, to make sure people are given
> the upgrade option with the installer and to avoid confusion, this one is
> being labeled 1.1.1. It is highly recommended you upgrade as soon as
> possible, especially if you are on a pre-1.1.0 version, due to many useful
> bug fixes.
> We are constantly refining and improving IISCosign and the installer. If
> there are any recommendation or questions you have, please send them to
> The next major item on the IISCosign roadmap is adding the Kerberos ticket
> passing functionality.
> A list of the major changes since version 1.0.0 is below.
> Happy upgrading!
> --Jarod Malestein
> --University of Michigan - ITCS
> Changes in IISCosign 1.1.1:
> + Installer
> Various, small fixes.
> + Some major IISCosign failures reported to the Event Viewer.
> There is now a facility with IISCosign to report events directly to the
> Event Viewer. This is very useful for diagnosing problems, especially if
> the log files cannot be created. The events reported are not comprehensive
> and will continue to be tweaked based on administrators' experience and
> + You can now specify allowUnauthenticatedAccess to <Protected/pages.
> <Protected allowPublicAccess="TRUE">/MySweetWebApp</Protected>
> NOTE: this was previously labeled allowUnauthenticatedAccess. For clarity
> and parity with the Apache version, this has been changed to
> allowPublicAccess. Both will still work, but the former will, eventually,
> be deprecated.
> You can have a folder or web page(s) that can be accessed
> by both logged in and non-logged in users. If the user is logged in, the
> HTTP_REMOTE_USER, HTTP_REMOTE_REALM, and HTTP_COSIGN_SERVICE variables
> will be available. If the user is not logged in, he is not redirected
> and only the HTTP_COSIGN_SERVICE variable is available.
> + Log file locking issue circumvented. This prevented multiple instances
> of the filter from being instantiated in IIS 6.0. Multiple log files are
> created if possible.
> + <HttpsOnly /option added. Default is TRUE. Set to FALSE to allow
> users to access cosign-protected pages without a secure connection.
> + Corrected bug that would protect something like "/studentsAndStaff" if
> "/students" was protected. Then broke it, fixed it, broke it, fixed it.
> This is something you may want to double-check.
> + Extra info put into log file. Please provide feedback on what you
> would and wouldn't like to have in the cosign log file.
> + Https redirect bug fixed.
> + Specifying web sites by their IIS description rather than DNS name is
> now an option.
> Change your <Service /tag as follows:
> <Service IISDescription="IISCosign web site">cosign-service-name
> You can use either the original websitename item to refer to the DNS name
> or the new IISDescription. If both are present, IISCosign first looks for
> IISDescription and will ignore websitename.
> For the curious parties, the "IISDescription" is compared to the
> ServerComment for the web site in the IIS metabase.
> + You can now limit the log file size. Change your <LogFilePathto look
> like this:
> <LogFilePath fileSizeInKB="4096">C:\Program