CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: multiple cosign configuration and runtime issues

* kevin mcgowan <clunis@xxxxxxxxx> [041111 16:26]:
> Yup, that's a known issue.  What you're seeing is the service-side 
> caching of the service cookie.  After the service does a CHECK of your 
> cosign-service cookie it sticks a copy in /var/cosign/filter (or 
> whatever you've configured) so it won't have to talk to the cosign 
> servers again for 2 minutes (the default, can be changed to suit your 
> needs).
> in scripts/logout/ (in the cosign source distribution) you'll find a 
> that will:
>      (1) expire the service-specific cookie
>      (2) redirect the user on to your central logout URL
> so that after the user logs out they will not still have a 
> (temporarily) valid cosign-service cookie in their browser.
> Does that clear things up at all? :)
> Kevin

Excellent.  Thanks!  Yes, that definitely clears it up.  

Now on to mod_authz_ldap, this is very exciting! :)


Attachment: pgp00000.pgp
Description: PGP signature

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010