cosign-discuss at umich.edu
general discussion of cosign development and deployment
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Cosign Loop Breaking
> I believe the bad configuration is having the action on the login form set
> incorrectly (at least this is the one I know about). If the action is set
> such that apache redirects (or re-writes the URL) via a GET rather than a
> POST it will lose the data attached, and then the CGI displays the login
> I agree that this is a case of bad configuration, and perhaps, after further
> thought I do not think it would really be worth extra work to detect it. If
> the Sys Admin sets it up incorrectly then that is their fault. Perhaps a
> good thing would be some detailed installation documentation which would
> help this problem (and others) to no end.
If this is a configuration problem, perhaps some kind of "test script" which
acts like a browser and checks for common misconfiguration problems could
be included in the distribution and recommended for vetting new configurations?