CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Conditional Authentication Question

  • To: <cosign-discuss@xxxxxxxxx>
  • Subject: Conditional Authentication Question
  • From: "Daniel E. Lehman" <del3@xxxxxxx>
  • Date: Mon, 8 Nov 2004 10:50:41 -0500
  • Thread-index: AcTFqrou/4mv2EnzQu6yuvb6QsPA8Q==
  • Thread-topic: Conditional Authentication Question

OK, so maybe the subject isn't worded properly, but here is what I would like to do.  I'm shopping for ideas.

We're running IIS using VBScript coded ASP pages.  We have a database driven, online directory where we have elected to hide e-mail addresses to prevent spambots from harvesting addresses.  Essentially, a link is present that takes the user to a form that the user can complete to send a message to the directory listee.  The problem is that all our addresses are hidden all the time.  We would like that to change.

I see two avenues - one is to display the addresses only to hosts within the Penn State IP space while the other is to use some sort of authentication.  I think the best way is to use CoSign, but I am running into a problem - it appears that CoSign is an "all or nothing" product - meaning if I want Penn State people to see the addresses I would need to create a duplicate set of directory pages that would be protected by CoSign leaving the original set of pages available to anonymous access.  What I would like to do is to code the page to look for the cosign cookie and if present, present a link to a pop-up page that would first check the validity of the cookie then display the address.  Is this possible?  Is there a better way that I haven't thought of?


Daniel E. Lehman
Facilities and Network Coordinator
Penn State Materials Research Institute
196 MRI Building
Innovation Park
University Park PA 16802


Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010