• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Re: CoSign and WebObjects
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re: CoSign and WebObjects

  • Subject: Re: Re: CoSign and WebObjects
  • From: "Joe Little" <email@hidden>
  • Date: Wed, 23 Aug 2006 09:24:55 -0700
yes. The webauth mechanism uses cookies or the http headers for
allowing one to log in. All one needs to do is follow the webauth api
to invalidate a ticket (cancel) and you'd tie this in to a
session,terminate() or the like.


On 8/23/06, Q <email@hidden> wrote: 

On 24/08/2006, at 1:31 AM, Chuck Hill wrote:

> Hi Barry,
>
> Can you provide some details on what these classes do?
>
> For anyone else interested, Stanford's WebAuth (http://
> webauth.stanford.edu/) uses a very similar architecture and can be
> used in place of Cosign.  The import of this is that  you app can
> easily (probably without modification) support multiple web single
> sign on implementations.
>

Great, now you have done it.. I will have to try out both of them
now. :P

On initial inspection with both these systems it seems an app writer
need not concern themselves with how to log a user in, but rather how
to log them out.

> On Aug 23, 2006, at 6:08 AM, email@hidden wrote:
>
>> Date: Wed, 23 Aug 2006 09:04:24 -0400
>> Subject: CoSign and WebObjects
>> On Aug 22, 2006, at 9:24 PM, Q wrote:
>>>
>>> On 23/08/2006, at 5:24 AM, Jonathan Maybaum wrote:
>>>
>>>> Because there continues to be discussion on the list about
>>>> GVC.SiteMaker and WO web-publishing apps, and how they compare, I
>>>> thought that I would provide a link to this presentation:
>>>>
>>>> http://sitemaker.umich.edu/maybaum/files/usc-sitemaker.pdf
>>>>
>>>> I think that this provides a bit more insight about what
>>>> GVC.SiteMaker (called UM.SiteMaker at the University of Michigan)
>>>> is all about.
>>>
>>> Is the Cosign auth handling mentioned in this presentation managed
>>> in the application or using an external module?
>>
>>> A little bit of both.  Authentication is managed by mod_cosign
>>> integrated into Apache.  Cosign can be backed by different
>>> credential
>>> stores, Kerberos is used in this case.   Google cosign for the full
>>> story.  The app checks the REMOTE_USER HTTP header to get the
>>> identity of the authenticated user and uses that for authorization
>>> internally.  The apps also redirects to HTTPS to force
>>> authentication
>>> if an authenticated identity is not found.
>>
>>> I am interested in Cosign, but haven't looked into what is required
>>> to use it with WO.
>>
>>> Very little.  Just read that header and redirect to https if it is
>>> not present.
>>
>>> Chuck
>>
>> If folks are interested in CoSign, I'll be releasing in about six -
>> seven weeks some WO classes to simplify working with the system.
>>
>> In the last two years we've placed three WO applications into
>> production.  The platform still seems viable at Michigan.
>>
>> Thanks,
>> Barry
>>
>> --
>>
>> Barry A Starrfield
>> Lead Analyst / Programmer
>>
>> University Housing
>> University of Michigan at Ann Arbor
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Webobjects-dev mailing list      (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>> 40global-village.net
>>
>> This email sent to email@hidden
>
> --
>
> Practical WebObjects - for developers who want to increase their
> overall knowledge of WebObjects or who are trying to solve specific
> problems.    http://www.global-village.net/products/
> practical_webobjects
>
>
>
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
> 40gmail.com
>
> This email sent to email@hidden


--
Seeya...Q

                -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

                           _____  /  Quinton Dolan - email@hidden
   __  __/  /   /   __/   /      /
      /    __  /   _/    /      /        Gold Coast, QLD, Australia
   __/  __/ __/ ____/   /   -  /            Ph: +61 419 729 806
                     _______  /
                             _\



 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden



_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: Re: CoSign and WebObjects

      • From: Gavin Eadie <email@hidden>
      • 





References: 


 >CoSign and WebObjects (From: email@hidden)


 >Re: CoSign and WebObjects (From: Chuck Hill <email@hidden>)


 >Re: CoSign and WebObjects (From: Q <email@hidden>)






    

  • Prev by Date:
Re: CoSign and WebObjects

    • 

  • Next by Date:
Re: EC UndoManager Question

    • 

  • Previous by thread:
Re: CoSign and WebObjects

    • 

  • Next by thread:
Re: Re: CoSign and WebObjects

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •