CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cosign Filter creates unparsable URL on post

Yup, that sure doesn't work right! :)

The fix will be in 1.8. Thanks for catching this.


On Mar 10, 2005, at 1:20 AM, Brian Hatch wrote:

Testing out the POST error handling in the case where
your session may have timed out and you get redirected
back to the login server.

Looks like the apache filter creates the redirect to;&https://

Normally you have ?cosign-servicename=COOKIE;&https://originalpage/

In this case the service part seems to be replaced by the post_error page, and
so basicosign.cgi is showing an error with 'Unrecognized Service',
rather than showing that post_error.html page.

Here's the filter's Apache configuration:

CosignCrypto /var/lib/cosign/ssl/key.pem /var/lib/cosign/ssl/cert.pem /var/lib/cosign/certs


Any clues?

Brian Hatch                  Arkansas: One
   Systems and                Million People,
   Security Engineer          Fifteen Last Names

Every message PGP signed

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010