Samuel Nicolary wrote: > Under a certain shared deployment scenario I am involved with there is > the need to dynamically configure many different reauth and non-reauth > services on a per-directory basis under Apache. > > CosignCryoto, CosignService and CosignCheckIP are presently not > allowed to be specified in .htaccess files even though > CosignProtection and CosignRequireFactor are. Is there a specific > reason for this? > > Should any other configuration directives be considered for this scope > change like CosignCookieExpireTime, CosignSiteEntry, > CosignFactorSuffix, CosignFactorSuffixIgnore, CosignAllowPublicAccess, > CosignHttpOnly, CosignTicketPrefix, ... > > Patch included below for filters/apache/mod_cosign.c and > filters/apache2/mod_cosign.c. >
Sam is working with us here are at U. Penn and this modification has proven to be very useful. Are their technical reasons why these directives were not allowed to be placed inside of .htaccess files? -- ________________________________________________________________________ Darian Anthony Patrick Senior Programmer Analyst, Application Security Office of Information Systems & Computing Voice: (215) 573-1955 Networking & Telecommunications Unit E-mail: [email protected] University of Pennsylvania Jabber/XMPP: [email protected] --- CFC7 DF03 337E F7F6 1829 71ED 1038 88AF 3C88 E55C ________________________________________________________________________ ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
