[an error occurred while processing the directive]
cosign-discuss at umich.edu
general discussion of cosign development and deployment
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Excluding a directory from the cosign filter


Chassy,

IISCosign does not offer that functionality. By default, whatever directory is specified as <Protected> will apply to all subdirectories. This cannot be overridden.

As a related question, if I am able to exclude a specific directory form
cosign protection, will the cosign-related CGI environment variables still
be available if someone has previously logged in?

As a related answer :) if somebody is logged in via cosign and they access an unprotected directory, at least on IISCosign, their login information will not be available.

--Jarod Malestein
--University of Michigan
--ITCS

--On Monday, April 12, 2004 7:18 PM -0400 Chassy <chassy@xxxxxxxxx> wrote:

I currently have Cosign configured to protect an entire directory.  In the
services section of my cosign.dll.config file, I have a single entry:

<Protected>/</Protected>

Is there a way to exclude a subdirectory, something like:

  <Protected>/</Protected>
  <NotProtected>/facultyHandbook/</NotProtected>

I'm running IIS6 on a Win2K3 server.

My purpose for asking is that I want to make one section of our intranet
publicly accessible.  I could make it available to people with friend
accounts, but that creates a fairly significant barrier to someone needing
the information immediately.

As a related question, if I am able to exclude a specific directory form
cosign protection, will the cosign-related CGI environment variables still
be available if someone has previously logged in?

Thanks,
Chassy





[an error occurred while processing the directive]