CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Conditional Authentication Question

You take a road along Second Avenue and find out whenever user was
authenticated by checking server variables 
 Or you can create your own cookie in resource protected with cosign.

-----Original Message-----
From: Daniel E. Lehman [mailto:del3@xxxxxxx] 
Sent: Monday, November 08, 2004 10:51 AM
To: cosign-discuss@xxxxxxxxx
Subject: Conditional Authentication Question

OK, so maybe the subject isn't worded properly, but here is what I would
like to do.  I'm shopping for ideas.

We're running IIS using VBScript coded ASP pages.  We have a database
driven, online directory where we have elected to hide e-mail addresses to
prevent spambots from harvesting addresses.  Essentially, a link is present
that takes the user to a form that the user can complete to send a message
to the directory listee.  The problem is that all our addresses are hidden
all the time.  We would like that to change.

I see two avenues - one is to display the addresses only to hosts within the
Penn State IP space while the other is to use some sort of authentication.
I think the best way is to use CoSign, but I am running into a problem - it
appears that CoSign is an "all or nothing" product - meaning if I want Penn
State people to see the addresses I would need to create a duplicate set of
directory pages that would be protected by CoSign leaving the original set
of pages available to anonymous access.  What I would like to do is to code
the page to look for the cosign cookie and if present, present a link to a
pop-up page that would first check the validity of the cookie then display
the address.  Is this possible?  Is there a better way that I haven't
thought of?


Daniel E. Lehman
Facilities and Network Coordinator
Penn State Materials Research Institute
196 MRI Building
Innovation Park
University Park PA 16802


Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010