CoSign: Collaborative Single Sign-On  
AnnouncementsDiscussion
 

cosign-discuss at umich.edu
general discussion of cosign development and deployment
 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cosign and LDAP authentication?




> Is anyone using cosign to authenticate users via LDAP instead of
> Kerberos?  I'm pretty sure that cosign doesn't support this, but
> I've had an external user ask and I wanted to check.  Note that
> although I'm at the University of Michigan, I'm not an active
> participant of the cosign development group here.

Check the archives for my emails - I'm doing this (on a 1.7.0 version,
IIRC) by replacing the default CGIs which check for an existing
valid cookie, if none is present it asks for authentication, when
you submit it gets the credentials and checks them against LDAP, and
if they are correct it will call the real cosign CGI with REMOTE_USER
already set which will trust the cookie and make everything work.

Details should be in my old emails, or I can send you the
package I've built up.  Not terribly sexy.


-- 
Brian Hatch                  "I like you. You're trouble."
   Systems and               "Well, thank you. It's the nicest thing
   Security Engineer          anybody has said about me in days."
http://www.ifokr.org/bri/

Every message PGP signed

Attachment: signature.asc
Description: Digital signature


 
Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010