CosignSiteEntry
a directive for the apache filter that allows the administrator to
force users, upon successful authentication, to return to a specific
URL ( this was formerly referred to as Top of Site policy and is now
called "site entry".) Thanks to Mark Montague for the design.
CosignHttpOnly
a directive that will allow cosign to protect non-SSL encrypted sites.
The cookies will thus will no longer be marked secure, will be
transmitted over http and will be eminently replay-able, but we have
beeen asked for this feature, so it's there. All transactions with the
cgi and cosignd will still be encrypted, just the transaction between
the browser and the webserver will not.
Support for n-tier cosign proxy authentication
The filter can now retrieve pre-registered proxy cookies so one web
server can proxy the services of several others. Thanks to the folks at
University of Edinburgh for their help on this one.
Generic ( non UM ) HTML templates:
LOGIN_ERROR_HTML is now distinct from ERROR_HTML so specific login
errors can all include login screen and fatal errors (where login is
not possible) will not include a login screen. The files in
cosign_src/html/ are login_error.m4 and error.m4 respectively. This
will require a change to your existing html if you are upgrading from a
previous version.
Thanks also to Brett Lomas at University of Auckland for several bug
fixes and for helping us to make cosign configuration even more
flexible.
As always, questions or comments are welcome to cosign@xxxxxxxxx Also,
discussion is welcome at cosign-discussion@xxxxxxxxx
