yes. The webauth mechanism uses cookies or the http headers for allowing one to log in. All one needs to do is follow the webauth api to invalidate a ticket (cancel) and you'd tie this in to a session,terminate() or the like.
On 8/23/06, Q <[EMAIL PROTECTED]> wrote:
On 24/08/2006, at 1:31 AM, Chuck Hill wrote: > Hi Barry, > > Can you provide some details on what these classes do? > > For anyone else interested, Stanford's WebAuth (http:// > webauth.stanford.edu/) uses a very similar architecture and can be > used in place of Cosign. The import of this is that you app can > easily (probably without modification) support multiple web single > sign on implementations. > Great, now you have done it.. I will have to try out both of them now. :P On initial inspection with both these systems it seems an app writer need not concern themselves with how to log a user in, but rather how to log them out. > On Aug 23, 2006, at 6:08 AM, [EMAIL PROTECTED] wrote: > >> Date: Wed, 23 Aug 2006 09:04:24 -0400 >> Subject: CoSign and WebObjects >> On Aug 22, 2006, at 9:24 PM, Q wrote: >>> >>> On 23/08/2006, at 5:24 AM, Jonathan Maybaum wrote: >>> >>>> Because there continues to be discussion on the list about >>>> GVC.SiteMaker and WO web-publishing apps, and how they compare, I >>>> thought that I would provide a link to this presentation: >>>> >>>> http://sitemaker.umich.edu/maybaum/files/usc-sitemaker.pdf >>>> >>>> I think that this provides a bit more insight about what >>>> GVC.SiteMaker (called UM.SiteMaker at the University of Michigan) >>>> is all about. >>> >>> Is the Cosign auth handling mentioned in this presentation managed >>> in the application or using an external module? >> >>> A little bit of both. Authentication is managed by mod_cosign >>> integrated into Apache. Cosign can be backed by different >>> credential >>> stores, Kerberos is used in this case. Google cosign for the full >>> story. The app checks the REMOTE_USER HTTP header to get the >>> identity of the authenticated user and uses that for authorization >>> internally. The apps also redirects to HTTPS to force >>> authentication >>> if an authenticated identity is not found. >> >>> I am interested in Cosign, but haven't looked into what is required >>> to use it with WO. >> >>> Very little. Just read that header and redirect to https if it is >>> not present. >> >>> Chuck >> >> If folks are interested in CoSign, I'll be releasing in about six - >> seven weeks some WO classes to simplify working with the system. >> >> In the last two years we've placed three WO applications into >> production. The platform still seems viable at Michigan. >> >> Thanks, >> Barry >> >> -- >> >> Barry A Starrfield >> Lead Analyst / Programmer >> >> University Housing >> University of Michigan at Ann Arbor >> >> _______________________________________________ >> Do not post admin requests to the list. They will be ignored. >> Webobjects-dev mailing list ([email protected]) >> Help/Unsubscribe/Update your Subscription: >> http://lists.apple.com/mailman/options/webobjects-dev/chill% >> 40global-village.net >> >> This email sent to [EMAIL PROTECTED] > > -- > > Practical WebObjects - for developers who want to increase their > overall knowledge of WebObjects or who are trying to solve specific > problems. http://www.global-village.net/products/ > practical_webobjects > > > > > > _______________________________________________ > Do not post admin requests to the list. They will be ignored. > Webobjects-dev mailing list ([email protected]) > Help/Unsubscribe/Update your Subscription: > http://lists.apple.com/mailman/options/webobjects-dev/qdolan% > 40gmail.com > > This email sent to [EMAIL PROTECTED] -- Seeya...Q -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- _____ / Quinton Dolan - [EMAIL PROTECTED] __ __/ / / __/ / / / __ / _/ / / Gold Coast, QLD, Australia __/ __/ __/ ____/ / - / Ph: +61 419 729 806 _______ / _\ _______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-dev/jmlittle%40gmail.com This email sent to [EMAIL PROTECTED]
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
