CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: REGISTER and a lost login cookie

> 	* If I get an error from basicosign.cgi, then re-run it
> 	  without any login cookie - this will cause basicosign.cgi
> 	  to generate a new one, register it as a login cookie, and
> 	  pass it back to the browser.

Just to follow up, I added the following to my interceptor and it
seems to work now, even when I (or monster) delete a login cookie:

	my @output = `$BASICOSIGN`;
	if ( grep /Error: Register Failed/, @output ) {
	       delete $ENV{HTTP_COOKIE};
	       exec $BASICOSIGN;
	} else {
	       print @output;

Out of curiosity, how many others are using basicosign.cgi out there,
rather than the kerberized version?  Have you had this problem with
login cookie deletion causing problems?

Brian Hatch                  "The first casualty of war is
   Systems and                always the truth."
   Security Engineer

Every message PGP signed

Attachment: signature.asc
Description: Digital signature

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010