Re: COSIGN: note: login form action="/"

[Shanti Suresh <shanti@xxxxxxxxx>]

Hi Kevin,

I appreciate your posting that message.  Quite detailed
and comprehensive, actually.  One small thing that you might
want to consider adding though, for the benefit of
the newbie web-administrators out there, is that weblogin is dedicated
only for the purpose of running the cosign.cgi and authenticating; i.e. 
there are no user-directories or any other CGI scripts running.
Am I correct in making this assumption?
Just a thought that struck me because you turn ExecCGI on
at DocumentRoot.  So I thought it might help to state
that the whole web-site is pretty trustworthy.

Now is the reason you're not using "mod_rewrite"
because you included only select modules during
the server-build, so you can keep the httpd-size to the bare minumum?

Thanks.

                                           -Shanti

kevin mcgowan wrote:
> This isn't really cosign, per se, but it came up in a discussion with 
> someone trying to implement cosign yesterday so I thought I'd share 
> with the group.  Those of you who've set up your own weblogin server 
> (cosign.cgi, cosignd, monster) or read the weblogin server README 
> probably know that, on Michigan's weblogin server, we do the following 
> in the apache conf:
>     1.  set up cosign.cgi as DirectoryIndex and make cosign.cgi's home 
> DocumentRoot
>     2.  set up AddHandler cgi-script  for files ending in .cgi
>     3.  turn on ExecCGI for DocumentRoot

--

Shanti Suresh
E-mail: shanti@xxxxxxxxx
IT Communications Services
Information Technology Central Services
University Of Michigan





!DSPAM:40604b1d291302844011858!