The way cosign works is that a user will visit a page on the portal (or
web site) that requires authentication, using the portal's
already-existing URL. The cosign filter, which is installed on the
portal web server, will check with the central cosign servers to see if
the user is already authenticated -- if they are, they are granted
access to the secure web page that they have requested. If they are not
already authenticated, they will be redirected to the central cosign
servers in order to authenticate. After they have successfully
authenticated, the central cosign servers will automatically send them
back to the URL of the secure web page on the portal that they were
originally trying to access.
The advantage to this is that no custom programming or integration is
needed.
The downside to this is that IF your portal uses portlets that mix
content that requires authentication with content that does not require
authentication on the same page, you may experience some problems.
cosign does not provide any sort of "portal API" and so portlets cannot
individually and explicitly manage authentication themselves directly.
Instead, the portlet engine that invokes the portlets in order to
generate the HTML page that the user sees has to know whether
authentication should be required or not. If your portal does not use
portlets, or if your portlets can communicate this to the portal engine,
and if the portal engine can handle that (or especially if it is
possible to tell whether a page should require authentication or not
just by it's URL), then you're fine. But otherwise, you might want to
use a different WebSSO product other than cosign and/or a different
portal system.
Mark Montague
ITCS Web/Database Team
The University of Michigan
[EMAIL PROTECTED]
On Wed, Sep 24, 2008 9:14 AM, "arash givchi" <[EMAIL PROTECTED]>
wrote:
Hi,
I have different portals for different groups of people in my
organization, and I want to bring all of these websites under
protection of cosign auth server;
But my problem is how to make cosign to redirect everyone to the
appropriate portal(not using different auth servers); I don't know if
there is any kind of variable or something else for decision making;
I would be really pleased if you help me.
Thanks in advance
Arash
------------------------------------------------------------------------
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
------------------------------------------------------------------------
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
