--On Tuesday, April 08, 2008 8:53 AM +0200 Oleg Polovinkin <[EMAIL PROTECTED]> wrote:
> to give unregistered users possibility to access forums as guests. > Of course in this case there is no auto-redirect from > http://forum.domain1.net to https://weblogin.domain1.net. But I've > opened https://weblogin.domain1.net, log in there and go back to > http://forum.domain1.net. And neither COSIGN_SERVICE nor REMOTE_USER are > set at http://forum.domain1.net. :( So I can't make myself authenticated > on forum.domain1.net when CosignAllowPublicAccess is set to "On". > > I misunderstood something in mechanics of cosign, I fear. Please, give me > a clue. Or it's definitely impossible to use it such way I'm trying to? > Hi Oleg, We had a few applications that had the same requirement of being "Cosigned" while allowing both non-authenticated and authenticated access. What we ended up doing is securing a specific path (like /login) on the application server with "CosignAllowPublicAccess Off" and placing a simple redirect script that will redirect the user back to the calling page. The application itself is secured using "CosignAllowPublicAccess On". Anonymous access will work because of the "CosignAllowPublicAccess On". When a user requests authentication, the application should simply send the user to the /login/... redirect script, this will cause the user to be again redirected to weblogin.domain1 (if she does not have a Cosign session already active), and eventually be redirected back to the calling application authentication page, but this time with REMOTE_USER set. ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Register now and save $200. Hurry, offer ends at 11:59 p.m., Monday, April 7! Use priority code J8TLD2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
