|
cosign-discuss at umich.edu |
| general discussion of cosign development and deployment | |
> * If I get an error from basicosign.cgi, then re-run it
> without any login cookie - this will cause basicosign.cgi
> to generate a new one, register it as a login cookie, and
> pass it back to the browser.
Just to follow up, I added the following to my interceptor and it
seems to work now, even when I (or monster) delete a login cookie:
my @output = `$BASICOSIGN`;
if ( grep /Error: Register Failed/, @output ) {
delete $ENV{HTTP_COOKIE};
exec $BASICOSIGN;
} else {
print @output;
exit;
}
Out of curiosity, how many others are using basicosign.cgi out there,
rather than the kerberized version? Have you had this problem with
login cookie deletion causing problems?
--
Brian Hatch "The first casualty of war is
Systems and always the truth."
Security Engineer
http://www.ifokr.org/bri/
Every message PGP signed
Attachment:
signature.asc
Description: Digital signature