On Jan 19, 2012, at 11:48 AM, Phil Pishioneri wrote: > The CosignCookieExpireTime directive mightn't work correctly in a > multiple-host, load balanced configuration, right? Unless the hosts > shared the CosignFilterDB directory.
Correct. As written, the cgi currently generates a service cookie with this format: cosign-servicename=<cookie_value> This value is passed along to the service's validation URL. If weblogin server validates the cookie, mod_cosign will set the cookie, appending the current timestamp to the value: cosign-servicename=<cookie_value>/<timestamp> mod_cosign then compares that timestamp value against the current time when a request comes through. As you noted, that timestamp will be unique on each host in a loadbalanced or round-robined DNS pool, making the directive much less useful in that context. What are you hoping to do with the expire time? andrew ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
