CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: blocking friend accounts?

On Aug 5, 2004, at 3:42 PM, Jim Zajkowski wrote:

On Aug 5, 2004, at 5:55 AM, Mark Montague wrote:

On Wed, 4 Aug 2004, Jim Zajkowski wrote:

How can I configure the cosign filter to block access from non-UMICH
principals?  That is, I want to deny access to friend users.

If you're not serving active content, here's something you can add to httpd.conf or .htaccess to deny friends access:

    SetEnvIf Remote_User ".*@.*" friend
    AuthType CoSign
    Require valid-user
    Deny from env=friend

This solution was designed by Wes Craig, I'm just posting
it here.

This magic worked for me:

  RewriteEngine On
  RewriteCond %{ENV:REMOTE_REALM} friend
  RewriteRule ^/(.*) /$1 [F,L]

Where "F" in the RewriteRule returns a FORBIDDEN and stops everything.


Jim Zajkowski          OpenPGP 0x21135C3
System Administrator  8A9E 1DDF 944D 83C3 AEAB  8F74 8697 A823 2113 5C53
UM Life Sciences Institute

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010