CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cosign Re-Authentication Specification

On 30 Mar 2005, at 16:48, Wesley Craig wrote:
On 28 Mar 2005, at 14:25, Cory Snavely wrote:
Wesley Craig wrote:
On 25 Mar 2005, at 15:59, Cory Snavely wrote:

  I think there should be a "this isn't me--log on as a different
  person" button. Not quite sure how to word that, but I think it's
  needed to help the innocent victim.

Good idea. Let's add a button/text. If the user selects this path, they will logout the previous user, and be redirected back to the URL. Since the URL required (unsatisfied) reauthN, there should be no cached cookies, the "CHECK" will fail, a new service cookie will be set, and a login will be triggered.

Either that, or just go straight to weblogin.

After some analysis, I think just going straight to weblogin ought to work.

And after trying to write that, I guess it doesn't :)

In fact, we're going to POST to the logout CGI, which will log the user out, redirect back to the referring service, which ought to send the user back to weblogin. This is necessary in order to allow the service to implement the "Site Entry" functionality.


Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010