Hi Phil. I wrote that application to allow iOS developers at the University of Michigan to use protected resources (primarily JSON & XML web services) without developing custom, unaudited authentication solutions. Developers add the specialized SSO class to their projects, and request an authentication token--a cosign service cookie--from the cache. If the cookie is invalid, the SSO app takes over to retrieve the requested cookie, and returns the cookie to the client application.
In some ways, the project is still fairly crude. I've pushed for the project to become open source and got some traction, but that seems to have stalled. I'll put you in touch with the person leading the mobile software project at UM to see where things stand. Best, andrew On Jun 27, 2011, at 11:26 AM, Phil Pishioneri wrote: > Someone pointed this out to me recently: > > <http://mobileapps.its.umich.edu/sso-app> > > And to save some browsing: > >> Use SSO to sign in securely via the U-M Weblogin service when >> accessing protected U-M mobile apps, such as the My Class Schedule >> feature of Student Academics. >> >> ITS is also working to make SSO available developers to leverage with >> their apps that need access to Cosign-protected data. For more >> information about Weblogin using CoSign, visit Using Web-Authenticated >> Resources at U-M (<http://www.itcs.umich.edu/itcsdocs/s4307/>). >> >> Requirements >> >> iPhone, iPad, or iPod touch with OS version 3.0 or greater > > Are there plans to release the source code for this software? > > How does it exchange CoSign information with the apps designed for it? > > Is only one login required (the SSO app) to access both CoSign-protected > web sites and apps, or are two logins required? > > -Phil > > ------------------------------------------------------------------------------ > All of the data generated in your IT infrastructure is seriously valuable. > Why? It contains a definitive record of application performance, security > threats, fraudulent activity, and more. Splunk takes this data and makes > sense of it. IT sense. And common sense. > http://p.sf.net/sfu/splunk-d2d-c2 > _______________________________________________ > Cosign-discuss mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/cosign-discuss > > !DSPAM:4e08a148300301375893879! > > > ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2 _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
