Re: [Cosign-discuss] second factor issues

2015-09-03 Thread Bennett, Steve
As I understand it, if you have a requirement for a specific factor on an application server, and the user is authenticated, but they don't have the factor, you'll see that error when they get redirected back to the login server. So if you have a user that's logged in as a friend (so they just h

Re: [Cosign-discuss] Multiple factor bug

2013-04-23 Thread Bennett, Steve
Hi Andrew, I'm just putting up some new CoSign servers (trying to get out of the "CoSign-shaped hole" that I dug myself :-), and I thought I'd make sure that I had the fixed functionality referred to in this bug report (it could be really useful to us). I can't see the fix applied in Git. Is th

[Cosign-discuss] Can someone dig me out of a CoSign-shaped hole?

2013-01-18 Thread Bennett, Steve
When we first deployed CoSign, quite a few years ago, we used a really simple architecture: two servers with a DNS round-robin between them. We knew that we'd want to do some sort of load balance eventually, but we assumed that this would be straightforward to implement when we got around to it.

Re: [Cosign-discuss] Conditional Factors

2013-01-10 Thread Bennett, Steve
Hi Florian, We're in the process of trialling two-factor authentication for some of our services - we're mostly using hardware tokens but we also support software tokens like Google Authenticator - it's all relatively straightforward. We have multiple routes for validating a one time password,

[Cosign-discuss] unexpected behaviour in CoSign with CosignHttpOnly set

2012-09-21 Thread Bennett, Steve
Hi all, I'm seeing some unexpected behaviour, and I'm not sure if this is a config error or misunderstanding on my part, or "something else"... I have a CoSign-authenticated webapp that can be accessed on either port 80 or port 443. This is on Apache httpd (2.2.22), with mod_cosign 3.2.0. My ex

Re: [Cosign-discuss] IISCosign 3.2.0?

2012-06-27 Thread Bennett, Steve
Hi Andrew,

> > Are there any plans to bring IISCosign (and JavaCosign?) up to the same version/features as mod_cosign?
>
> Yes, there are plans. Is the deployment of IISCosign (IIS6) or CosignModule (IIS7) predominant?

We're a mix at the moment. I think there are more IIS6 right now, but

[Cosign-discuss] IISCosign 3.2.0?

2012-06-21 Thread Bennett, Steve
Are there any plans to bring IISCosign (and JavaCosign?) up to the same version/features as mod_cosign? Some of the departments at my place use IIS and Tomcat, and getting the AllowValidationRedirect functionality would be useful... Thanks in advance! Steve.

[Cosign-discuss] Failed to borrow CosignConnectionList connect from pool

2011-08-16 Thread Bennett, Steve
One of our suppliers is trying to integrate a Java application with our CoSign install, and they're seeing an error: "Failed to borrow CosignConnectionList connect from pool" It seems to happen when Tomcat tries to connect to cosignd. Cosignd logs the following: 2011-08-15T12:05:09.0

Re: [Cosign-discuss] Question about multiple factors

2011-07-15 Thread Bennett, Steve
> This is all a little kludgy, but maybe someone else can suggest a better way.

I had a similar problem which I solved in a different way. I think your solution is better than mine, but here's what I did anyway: I solved the problem by intercepting the browser redirection between authenticatio

[Cosign-discuss] CoSign authentication for Domino

2010-12-20 Thread Bennett, Steve
Has anyone attempted using CoSign to authenticate users on Lotus Domino? We're looking at having a go at this, and I'd rather not duplicate effort if someone else has done this before... -- Steve Bennett, Information Systems Services, Lancaster University.

Re: [Cosign-discuss] Authenticate WITHOUT the cookies?

2010-03-30 Thread Bennett, Steve
Dunno if this might be a red herring, but this all stems from using swfupload, which doesn't support cookies. Are you required to use swfupload? I've just (like today) stumbled across plupload (http://plupload.com), which according to the docs uses a different flash API to avoid the cookie proble

[Cosign-discuss] Post Authentication

2009-06-04 Thread Bennett, Steve
I'm hoping that this falls into the "there's no such thing as a dumb question" category... We're just about to turn on SPNEGO authentication, and one of the comments that's come back from testing is that users might be confused at not being prompted for their passwords, and might think that they'r

[Cosign-discuss] Kerberos Negotiation

2009-05-21 Thread Bennett, Steve
Morning All, I've been doing some testing of Kerberos Negotiation in Cosign 2.1.1 - I started off with something similar to what Simon Wilkinson described at: http://orthrus.blogspot.com/2007/10/kx509-kerberos-and-cosign.html. Simon's XMLHttpRequest technique excludes MSIE because of its poor ha

[Cosign-discuss] status of cosign 2.1.0

2009-01-05 Thread Bennett, Steve
I know that cosign 2.1.0 is a release candidate, but what is required for it to be released? The date on 2.1.0RC2 is March 17 2008 - are there any significant issues that mean that it should not be deployed yet? Are there any known upgrade or interoperability issues between 2.0.2/2.1.0 filters an

[Cosign-discuss] multiple apache instances on one host

2008-02-06 Thread Bennett, Steve
Here's something that didn't seem to be a problem till I started thinking about it... On one of our webservers we have two instances of apache (they run as different UIDs and generally don't have access to one another's resources). One of them uses cosign, and the other doesn't, but I'd kind of li

[Cosign-discuss] Cosign "who"

2008-01-18 Thread Bennett, Steve
Hi folks, I don't know if this is useful to anyone, but I've been using a short perl script to see what CoSign sessions are currently active. The script should work both on a central CoSign server and on a CoSign-protected application server. There's a copy of the script here: http://www.lancs