You'd use Cosign if you were already in an organization that was using it,
and you wanted your application to use the existing Cosign SSO framework.

LDAP is just a database -- as Richard said, it's not a session manager: it
exists to solve a different problem than Cosign.  In our case, Cosign looks
to our internal LDAP database for user information.

If you aren't managing 100+ users, and your environment hasn't already
decided on an SSO system and account directory system, local authentication
is your best option.  Django has plenty of plugins to make your life
easier; whatever you do, don't write your own authentication/authorization
code.

John


On Sun, Jul 27, 2014 at 1:12 AM, Christian Seberino <cseber...@gmail.com>
wrote:

>  Thanks.  I use a web framework called Django.  It has its own
> authentication.  I guess
> that means I don't *need* Cosign unless I want to separate out the pieces
> as you said for security.
>
> cs
>
>
> On 07/26/2014 10:54 PM, Richard Conto wrote:
>
>  Cosign is a web based single-signon solution for a collection of
> related web sites authenticated by a single authentication domain
> (userid/password system.)  It could use LDAP (or Kerberos or other
> authentication technologies) to validate a userid & password.
>
>  Cosign uses session cookies to implement authentication tickets, etc.
>
>
>  Strictly speaking, LDAP is a directory for looking things up.  You would
> still need to develop a mechanism of session tracking for a web
> application.  There are Apache modules for doing this - and there are also
> web frameworks that can use LDAP for authentication as well.
>
>  Cosign allows you to separate your authentication store from your
> application - which means that if your application gets compromised, your
> authentication store isn't.
>
>  Shibboleth (which you didn't ask about) is another single-signon web
> technology.  It's most suitable for a federation of authentication domains
> that agree to a common policy of sharing information about the individuals
> they vouch for.   It requires a lot more resources to maintain and deploy
> than Cosign, but solves certain kinds of complicated issues that
> Cosign can't.
>
>  --- Richard Conto
>
>
>
>
> _______________________________________________
> Cosign-discuss mailing list
> Cosign-discuss@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>
>


-- 
John Miller
Systems Engineer
Brandeis University
johnm...@brandeis.edu
(781) 736-4619