CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: CoSign source and configuration changes I have made

Hi Kevin,

cool, I am glad you like them :)

The reason for the cosign/cosign.cgi (and of course cosign/cgi-ssl/logout)
is like you say the development/test environments. I am happy for the
configure and installation to be changed to install directly into the web
root by default (for production)... and perhaps have a --enable-development
which would install the web resources into a cosign directory under the web
root. What do you think about that?

Also I like the changes made to the Cosign login page... awesome... :)



Brett Lomas
Integration Architect
Information Technology Systems and Services
The University of Auckland
New Zealand

Phone:		+64 9 3737 599 extn 86499
Mobile:		+64 21 757 096

-----Original Message-----
From: kevin mcgowan [mailto:clunis@xxxxxxxxx] 
Sent: Thursday, 29 April 2004 2:42 p.m.
To: Brett Lomas
Cc: cosign-discuss@xxxxxxxxx
Subject: Re: CoSign source and configuration changes I have made


These are fantastic and timely (as we're wrapping things up now for the 
1.6 release and should be able to include your changes).  I love the 
defines.m4 and related changes.  I've been meaning to do something like 
that for some time now.

The only question I have is about the DOCROOT/cosign/ change.  Do you 
intend that the recommended installation of cosign would create a 
weblogin server with a URL like this:  or

rather than:

Surely this is maximally flexible, but I'm not sure it is the most 
advisable approach.  Perhaps we could devise a way to make this 
optional?  Thus making it easy to, for example, test cosign on an 
otherwise active web server but deploy cosign on a dedicated web 
server.  I'm not sure how to make this user-understandable, maybe an 
optional cosign html location that would be appended to the end of 
DOCROOT/html/ and inserted into the actions of forms, into 


On Apr 28, 2004, at 3:10 AM, Brett Lomas wrote:

> Hi all,
> I have made the changes (and attached patches for them ? diff taken 
> against the current head on the UM CVS server) details below. I am 
> asking they be considered for inclusion, after discussion into the CVS 
> source. Most of the changes have no impact on the way CoSign works or 
> is configured as a default, they just add options etc.
> The exceptions are I have change the cgi Makefile to install to the 
> web document base in a cosign directory: ie ${DOCROOTDIR}/cosign and I 
> have changed the template and HTML directory to 
> ${cosigndocroot}/cosign/templates and ${cosigndocroot}/cosign/html 
> respectively. I have done this to make the cosign install into is own 
> directory on the web server so that something else, if required can 
> live on the web server also.
> Attatched is a list of the changes made:
> 1.      Added ?with-ticketcache=DIR to allow a user to configure the 
> ticket cache location, defaults to /ticket
>  2.      Added ?with-cosignloginurl=URL to configure the redirection 
> to the cosign login processes, defaults to /
>  3.      Added ?with-webdocroot=DIR to configure the location of the 
> web servers document root for the cosign server installation
> 4.      Added html/defines.m4 to the output files
> 1.      Added html/defines.m4 to the distclean action
> cgi/
> 1.      Remove prefix,exec-prefix,SBINDIR
> 2.      Replaced CGIDIR, DOCROOTDIR with configured vaules from 
> autoconf
>  3.      Added TEMPLATEDIR and COSIGNTICKETCACHE with values from 
> autoconf and dervived
>  4.      Added define for _TEMPLATE_DIR to cgi.o and logout.o actions.
>  5.      Added define for _COSIGN_TICKET_CACHE to cgi.o action.
>  6.      commented out the ?mkdir ?p ${exec_prefix} and changed ?mkdir 
> ?p ${DOCROOTDIR} to ${DOCROOTDIR}/cosign in install action
> cgi/cgi.c
> 1.      Changed ?../templates? in the HTML defines to _TEMPLATE_DIR
>  2.      Change the SERVICE_MENU define from /services/ to 
> /cosign/html/services/
> 3.      Changed TKT_PREFIX from ?/ticket? to _COSIGN_TICKET_CACHE 
> (defined by configure)
> cgi/logout.c
> 1.      Changed ?../tempates? in the HTML defines to _TEMPLATE_DIR
> html/
> 1.      Removed prefix and exec_prefix.
>  2.      Added cosigndocroot set by configure
>  3.      Changed TMPLDIR and HTMLDIR to 
> ${cosigndocroot}/cosign/templates nd ${cosigndocroot}/cosign/html resp
>  4.      Changed the install action to install to these locations etc.
> html/login.m4
> 1.      Added include for defines.m4
>  2.      Changed form action from ?/? to ?LOGIN_URL? (from defines.m4)
> html/verify-logout.m4
> 1.      Added include for defines.m4
>  2.      changed form action from ?/cgi-bin/logout? to ?LOGOUT_URL 
> (from defines.m4)
> daemon/
> 1.      Added COSIGNTICKETCACHE from configure
>  2.      Changed DEFS to include define for _COSIGN_TICKET_CACHE
> daemon/command.c
> 1.      Changed TKT_PREFIX from ?/ticket? to _COSIGN_TICKET_CACHE
> I have created html/ which is an input file for 
> defines.m4, which is included by login.m4 and verify-logout.m4 to use 
> the configured login and logout locations etc.
>  <<...>>
>  ------------
> Brett Lomas
> Integration Architect
> Information Technology Systems and Services
> The University of Auckland
> New Zealand
> Phone:          +64 9 3737 599 extn 86499
> Mobile:         +64 21 757 096
>  !DSPAM:408f597e241301790013946! <cosign_patches.tgz>

                 ... "you can't give yourself a nickname." ...

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010