 |
cosign-discuss at umich.edu
|
|
general discussion of cosign development and deployment
|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: multiple cosign configuration and runtime issues
* kevin mcgowan <clunis@xxxxxxxxx> [041111 16:26]:
> Yup, that's a known issue. What you're seeing is the service-side
> caching of the service cookie. After the service does a CHECK of your
> cosign-service cookie it sticks a copy in /var/cosign/filter (or
> whatever you've configured) so it won't have to talk to the cosign
> servers again for 2 minutes (the default, can be changed to suit your
> needs).
>
> in scripts/logout/ (in the cosign source distribution) you'll find a
> logout.pl that will:
>
> (1) expire the service-specific cookie
> (2) redirect the user on to your central logout URL
>
> so that after the user logs out they will not still have a
> (temporarily) valid cosign-service cookie in their browser.
>
> Does that clear things up at all? :)
>
> Kevin
Excellent. Thanks! Yes, that definitely clears it up.
Now on to mod_authz_ldap, this is very exciting! :)
Ben
Attachment:
pgp00000.pgp
Description: PGP signature
| 
