	cosign-discuss at umich.edu
	general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: REGISTER and a lost login cookie

To: cosign-discuss <cosign-discuss@xxxxxxxxx>
Subject: Re: REGISTER and a lost login cookie
From: Brian Hatch <bri@xxxxxxxxx>
Date: Wed, 9 Mar 2005 00:08:54 -0800
In-reply-to: <20050309075643.GH30886@ifokr.org>
References: <20050309075643.GH30886@ifokr.org>
User-agent: Mutt/1.5.6+20040907i


> 	* If I get an error from basicosign.cgi, then re-run it
> 	  without any login cookie - this will cause basicosign.cgi
> 	  to generate a new one, register it as a login cookie, and
> 	  pass it back to the browser.

Just to follow up, I added the following to my interceptor and it
seems to work now, even when I (or monster) delete a login cookie:

	my @output = `$BASICOSIGN`;
	if ( grep /Error: Register Failed/, @output ) {
	       delete $ENV{HTTP_COOKIE};
	       exec $BASICOSIGN;
	} else {
	       print @output;
	       exit;
	}

Out of curiosity, how many others are using basicosign.cgi out there,
rather than the kerberized version?  Have you had this problem with
login cookie deletion causing problems?



-- 
Brian Hatch                  "The first casualty of war is
   Systems and                always the truth."
   Security Engineer
http://www.ifokr.org/bri/

Every message PGP signed

Attachment: signature.asc
Description: Digital signature

References:
- REGISTER and a lost login cookie
  - From: Brian Hatch

Prev by Date: REGISTER and a lost login cookie
Next by Date: errors trying to create/read cookie file
Previous by thread: REGISTER and a lost login cookie
Next by thread: errors trying to create/read cookie file
Index(es):
- Date
- Thread