On Jul 28, 2010, at 5:53 PM, Joshua Scott Emmons wrote: > Greetings all. > > I have a rails app and a client who wants to auth with CoSign. Of course, I'm > not running apache, so I'm thinking of writing my own "filter" in ruby.
I'm aware of a perl script which behaves like a filter, so I don't see any real difficulty in the writing, but before you begin that work you might pause to remember that there are cosign filters for IIS6, IIS7, lighttpd and JAAS, in addition to the Apache 1.3.x and 2.x filters. If in fact you're not running any of these filters, it might be reasonable to proceed with a ruby implementation. > I've been reading up on the official apache filter on the CoSign wiki, and a > ruby rewrite seems possible because I only need to be able to grab cookies, > set cookies, redirect the client's browser, and post cookies out-of-band to > some cosignd server to fulfill the filter's contract. A filter supporting recent (3.x) releases of cosign must: 1) check for the presence and validity of a cosign service cookie, and permit access if the cookie is good; 2) redirect to the weblogin server if the check fails; 3) intercept requests for the validation URI (typically /cosign/valid), and validate the protected service URL and the service cookie; 4) redirect to the protected service URL; I'm assuming you've been looking at this page: <https://webapps.itcs.umich.edu/cosign/index.php/Cosign_Wiki:CosignFilterSpec> It's a little out of date. We've got a draft of the 3.x filter spec, and will try to get that uploaded. andrew ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss
