If you hope to have your application used in a single-signon context
(perhaps by a University, etc.) you may want to check to see how your web
framework integrates with single-signon solutions.
--- Richard Conto
DNA Sequencing Core
Biomedical Research Core Facilities
Medical School Administration Office of Research
NCRC Bldg 14 room 168 -- (734) 764-7620
On Sun, Jul 27, 2014 at 1:12 AM, Christian Seberino <[email protected]>
wrote:
> Thanks. I use a web framework called Django. It has its own
> authentication. I guess
> that means I don't *need* Cosign unless I want to separate out the pieces
> as you said for security.
>
> cs
>
>
>
> On 07/26/2014 10:54 PM, Richard Conto wrote:
>
> Cosign is a web based single-signon solution for a collection of
> related web sites authenticated by a single authentication domain
> (userid/password system.) It could use LDAP (or Kerberos or other
> authentication technologies) to validate a userid & password.
>
> Cosign uses session cookies to implement authentication tickets, etc.
>
>
> Strictly speaking, LDAP is a directory for looking things up. You would
> still need to develop a mechanism of session tracking for a web
> application. There are Apache modules for doing this - and there are also
> web frameworks that can use LDAP for authentication as well.
>
> Cosign allows you to separate your authentication store from your
> application - which means that if your application gets compromised, your
> authentication store isn't.
>
> Shibboleth (which you didn't ask about) is another single-signon web
> technology. It's most suitable for a federation of authentication domains
> that agree to a common policy of sharing information about the individuals
> they vouch for. It requires a lot more resources to maintain and deploy
> than Cosign, but offers solves certain kinds of complicated issues that
> Cosign can't.
>
> --- Richard Conto
>
>
>
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
