To follow-up,
With Integrated pipeline mode, I was able to get this working by
unlocking and reordering the modules for my test site, such that CoSign
appears before WindowsAuthentication, FormsAuthentication, and
DefaultAuthentication. I still see no environment variables set with
Classic pipeline mode.
Darian
Darian Anthony Patrick wrote:
> Jarod,
>
> Using Shannon's instructions, in combination with the README.TXT
> distributed with CosignModule-1.0.0beta2.zip, I was able to get CoSign
> for IIS7 installed. However, I am unable to access the environment
> variables as noted in README.TXT:
>
> COSIGN_FACTOR = <%=Request.ServerVariables("COSIGN_FACTOR") %><br />
> COSIGN_SERVICE = <%=Request.ServerVariables("COSIGN_SERVICE") %><br />
> REMOTE_REALM = <%=Request.ServerVariables("REMOTE_REALM") %><br />
> REMOTE_USER = <%=Request.ServerVariables("REMOTE_USER") %><br />
>
> The expected information is also not available in Request.Headers (as it
> was under IIS6).
>
> The behavior that I see differs based on the pipeline mode setting of
> the application pool used to run ASP.NET.
>
> When pipeline mode is "Integrated", I get a 500 error indicating "This
> server variable cannot be modified during request execution."
>
> When pipeline mode is "Classic", my test .aspx is rendered however the
> aforementioned environment variables are not set (though the cookie is
> visible).
>
> In both cases I am redirected for login, authenticate successfully, and
> am redirected back to my test application properly so I feel confident
> that I've configured CosignModule correctly.
>
> Do you, or anyone else on the list, have successful
> CoSignModule-1.0.0beta2 deployments in production? Are they accessing
> the four environment variables as expected? What about other
> application development platforms (PHP, ColdFusion, etc.)?
>
> Any insight would be much appreciated.
>
> Thanks,
>
> Darian
>
> Jarod Malestein wrote:
>> I'm glad you were able to find a solution, Shannon. Please feel free
>> to add this information to the cosign wiki:
>>
>> http://webapps.itcs.umich.edu/cosign/
>>
>>
>> Jarod
>>
>> On Nov 10, 2008, at 4:15 PM, Shannon Johnson wrote:
>>
>>> All,
>>>
>>> I eventually did get the Cosign module to work in IIS7. The 2 things
>>> that tripped me up were the requirement to install the Visual C++
>>> 2008 Redistributable (actually install it, not just copy the DLL’s),
>>> and the Penn State certificate for the Cosign login server. In Penn
>>> State’s case, we have a file called c33a80d4.0 that we used to have
>>> to put in C:\Program Files\IISCosign\SSL\CA. However, the new
>>> version doesn’t have or need that folder since it ties directly into
>>> the Certificate Manager. The tricky part is having to rename the
>>> c33a80d4.0 file to have a .pem extension, then import it into the
>>> Certificate Manager (Local Computer Account), under Personal
>>> Certificates.
>>>
>>> I have all this in an easy-to-follow 20 step text file if you’re
>>> playing around with Server 2008 and need Cosign to work. It’s PSU-
>>> centric, but should be easy to get working with other places. If
>>> you’d like it, just let me know.
>>>
>>> Shannon
>>>
>>> -----------------------------------
>>> Shannon Michael Johnson
>>> Systems Administrator
>>> College of Information Sciences and Technology
>>> 321C IST Building
>>> University Park, PA 16802
>>> Phone: 814-865-9128
>>> -----------------------------------
>>>
>>> From: Shannon Johnson
>>> Sent: Tuesday, November 04, 2008 10:20 AM
>>> To: '[email protected]'
>>> Subject: Cosign on Windows Server 2008
>>>
>>> Hey all,
>>>
>>> I know the Cosign module for IIS7 is in beta, and I’m working on a
>>> non-production, test box anyway. That said, I think there may be a
>>> dependency “problem” with the Cosign module. I’m trying to get it
>>> working in preparation of an eventual server upgrade (just to see if
>>> it’s possible at the moment), and I’m seeing messages in the error
>>> logs related to “Microsoft.VC90.CRT.Manifest”, which I understand is
>>> part of Visual Studio /C++ 2008. Do I have to install the 32-bit
>>> redistributable of that for the Cosign module to work?
>>>
>>> I’m sure I’m not the only person playing around with Server 2008, so
>>> if anyone’s managed to get it working and has some tips, it’d be
>>> appreciated. It’s a test box right now, but if I can get it working
>>> without too much hassle, we may start hosting some unimportant sites
>>> on it.
>>>
>>> Shannon
>>>
>>> -----------------------------------
>>> Shannon Michael Johnson
>>> Systems Administrator
>>> College of Information Sciences and Technology
>>> 321C IST Building
>>> University Park, PA 16802
>>> Phone: 814-865-9128
>>> -----------------------------------
>>>
>>> -------------------------------------------------------------------------
>>> This SF.Net email is sponsored by the Moblin Your Move Developer's
>>> challenge
>>> Build the coolest Linux based applications with Moblin SDK & win
>>> great prizes
>>> Grand prize is a trip for two to an Open Source event anywhere in
>>> the world
>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/_______________________________________________
>>> Cosign-discuss mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>>
>> -------------------------------------------------------------------------
>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
>> Build the coolest Linux based applications with Moblin SDK & win great prizes
>> Grand prize is a trip for two to an Open Source event anywhere in the world
>> http://moblin-contest.org/redirect.php?banner_id=100&url=/
>> _______________________________________________
>> Cosign-discuss mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>
>
--
________________________________________________________________________
Darian Anthony Patrick
Senior Programmer Analyst, Application Security
Office of Information Systems & Computing Voice: (215) 573-1955
Networking & Telecommunications Unit E-mail: [email protected]
University of Pennsylvania Jabber/XMPP: [email protected]
---
CFC7 DF03 337E F7F6 1829 71ED 1038 88AF 3C88 E55C
________________________________________________________________________
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
