On Aug 22, 2006, at 9:24 PM, Q wrote:
On 23/08/2006, at 5:24 AM, Jonathan Maybaum wrote:
Because there continues to be discussion on the list about
GVC.SiteMaker and WO web-publishing apps, and how they compare, I
thought that I would provide a link to this presentation:
http://sitemaker.umich.edu/maybaum/files/usc-sitemaker.pdf
I think that this provides a bit more insight about what
GVC.SiteMaker (called UM.SiteMaker at the University of Michigan)
is all about.
Is the Cosign auth handling mentioned in this presentation managed
in the application or using an external module?
A little bit of both. Authentication is managed by mod_cosign
integrated into Apache. Cosign can be backed by different credential
stores, Kerberos is used in this case. Google cosign for the full
story. The app checks the REMOTE_USER HTTP header to get the
identity of the authenticated user and uses that for authorization
internally. The apps also redirects to HTTPS to force authentication
if an authenticated identity is not found.
I am interested in Cosign, but haven't looked into what is required
to use it with WO.
Very little. Just read that header and redirect to https if it is
not present.
Chuck
--
Practical WebObjects - for developers who want to increase their
overall knowledge of WebObjects or who are trying to solve specific
problems. http://www.global-village.net/products/practical_webobjects
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com
This email sent to [email protected]
