CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Cosign Loop Breaking

Perhaps a whole test script could be developed, using wget etc?


-----Original Message-----
From: Bill Doster [mailto:Bill.Doster@xxxxxxxxx] 
Sent: Wednesday, 9 June 2004 1:34 p.m.
To: 'Cosign Discussion'
Subject: RE: Cosign Loop Breaking

> I believe the bad configuration is having the action on the login form set
> incorrectly (at least this is the one I know about). If the action is set
> such that apache redirects (or re-writes the URL) via a GET rather than a
> POST it will lose the data attached, and then the CGI displays the login
> page.
> I agree that this is a case of bad configuration, and perhaps, after
> thought I do not think it would really be worth extra work to detect it.
> the Sys Admin sets it up incorrectly then that is their fault. Perhaps a
> good thing would be some detailed installation documentation which would
> help this problem (and others) to no end.

If this is a configuration problem, perhaps some kind of "test script" which
acts like a browser and checks for common misconfiguration problems could
be included in the distribution and recommended for vetting new

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010