On 2014-07-29, 1:09, Christian Seberino wrote:
> Does Cosign *need* to use LDAP?
No.
cosign sends users to its central weblogin server to authenticate. The
central weblogin server CGI will put up a form asking for credentials,
verify those credentials using one or more "factors" (authentication
backends), and, if all the factors are satisfied, create a cosign
session for the user. The user is then sent back to the web service
they were originally trying to access.
The authentication backends can be anything that can be written to plug
in to cosign's factor architecture, including Kerberos (MIT or Microsoft
Active Directory), LDAP (normal or Microsoft Active Directory), Friend
database, PAM modules (so, pretty much anything), X.509 client
certificates, arbitrary external databases, and much more.
> All I want is users to authenticate against one web app and not have
> to authenticate against the second web app.
cosign will not work for this. cosign works by having the user
authenticate against it, and then the user does not have to authenticate
against either of the two web apps. But see below.
> If the 1st web app has its own login systemcan that be used
> instead of LDAP?
cosign will not let a web application put up its own login page and
authenticate the user and then rely on that web application's
authentication results.
However, if you have a particular web application which has a database
that is accessible from the central weblogin server, and that database
stores authentication information, you could write a cosign factor that
connects to that database and performs the same series of steps to
authenticate the user as that particular web application would perform
if it was authenticating the user. But note that after this although
the user would be authenticated to cosign, they'd still need to return
to the web application so that it could establish its own session for
the user, and you'd still need to configure the web application
appropriately for cosign.
Let me know if this isn't clear.
--
Mark Montague
m...@catseye.org
--
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss