cosign-discuss at umich.edu
general discussion of cosign development and deployment
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Groups and other variables?
- To: cosign-discuss <cosign-discuss@xxxxxxxxx>
- Subject: Groups and other variables?
- From: Brian Hatch <bri@xxxxxxxxx>
- Date: Wed, 2 Mar 2005 21:13:12 -0800
- User-agent: Mutt/1.5.6+20040907i
So, having gotten cosign working (created Debian packages for
both server+filter and just filter for Debian Woody [apache 1.3],
will work on sarge 1.3 and 2.0 next week) I'm starting to roll
For this first pass, knowing that someone has an Active Directory
account is the important thing. However I know sooner than later
someone will want to be able to allow only users in particular
groups, or perhaps be able to access the user's full name or
email address or something else that's stored in the records that
were originally (via ldap) used to verify the user's password
at login time.
Is there any facility in Cosign to allow you to 'store' other
information aside from the REMOTE_USER when the filter does it's
thing? These would be set in other env variables, and preferably
be available for permissions descisions like 'require-group'
without too much hoop jumping.
Brian Hatch Thou shalt not compose
Systems and limericks at a funeral.
Every message PGP signed
Description: Digital signature