| Log Message: |
backport (glarose): Added authentication mechanism Cosign.pm.
Added authentication mechanism Cosign.pm. This implements WeBWorK
authentication using cosign[1], an open-source single sign-on system
developed at the University of Michigan. This should be a reasonable
model for other modules implementing external, directory or location
based, authentication for WeBWorK.
To use cosign authentication for WeBWorK, set $authen{user_module} in
global.conf to WeBWorK::Authen::Cosign, and then configure apache to
require cosign authentication to enter WeBWorK courses. If $cosignoff
is set to a true value in the course environment, standard WeBWorK
authentication is used for that course.
Note that cosign is a cookie-based authentication system. This means
that it is between very hard and impossible to authenticate multiple
users on the same computer/web browser at the same time. Thus it is
not possible to have both $authen{user_module} and
$authen{proctor_module}
set to Cosign at the same time.
Implementation:
Cosign.pm inherits from Authen.pm. It redefines get_credentials to
force password authentication, and then assumes password checks succeed.
Because cosign is a Location/Directory based apache authentication
system, by the time the user gets to the Authen module we know that she
has successfully authenticated against cosign. We also modify the
forget_verification method to return a redirect to the course
environment
variable $cosign_logout_script.
[1] <http://www.umich.edu/~umweb/software/cosign/>
|
branches/rel-2-3-dev/webwork-modperl/lib/WeBWorK/Authen/Cosign.pm