CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Another quick question and possible bug report

On Mar 28, 2004, at 9:17 PM, Brett Lomas wrote:

Also, I think I have found a bug in the CoSign package. If the client isn’t in the /usr/local/etc/cosign.conf mod_cosign gets a return of 1 from cosign_cookie_valid (ie cv = 1) which cause it to fall through to the set_cookie label, which causes an infinite loop (it set the cookie and attempt to access the CGI, and then goes back to the web resource and does it all again J ).

Good call! We've made a change to the daemon and both filters that will more gracefully handle such a configuration error.

I've checked it into CVS and, pending testing here at UMich, will roll it into the next release. If you could also test this that would be great.


Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010