[system] Repository:
ViewVC logotype

Revision 4944


Jump to revision: Previous Next
Author: sh002i
Date: Wed Apr 25 19:08:59 2007 UTC (7 years ago)
Log Message:
backport (glarose): Added authentication mechanism Cosign.pm.

Added authentication mechanism Cosign.pm.  This implements WeBWorK
authentication using cosign[1], an open-source single sign-on system
developed at the University of Michigan.  This should be a reasonable
model for other modules implementing external, directory or location
based, authentication for WeBWorK.

To use cosign authentication for WeBWorK, set $authen{user_module} in
global.conf to WeBWorK::Authen::Cosign, and then configure apache to
require cosign authentication to enter WeBWorK courses.  If $cosignoff
is set to a true value in the course environment, standard WeBWorK
authentication is used for that course.

Note that cosign is a cookie-based authentication system.  This means
that it is between very hard and impossible to authenticate multiple
users on the same computer/web browser at the same time.  Thus it is
not possible to have both $authen{user_module} and
$authen{proctor_module}
set to Cosign at the same time.

Implementation:
  Cosign.pm inherits from Authen.pm.  It redefines get_credentials to
force password authentication, and then assumes password checks succeed.
Because cosign is a Location/Directory based apache authentication
system, by the time the user gets to the Authen module we know that she
has successfully authenticated against cosign.  We also modify the
forget_verification method to return a redirect to the course
environment
variable $cosign_logout_script.

 [1] <http://www.umich.edu/~umweb/software/cosign/>

Changed paths:

Path Details
Directorybranches/rel-2-3-dev/webwork-modperl/lib/WeBWorK/Authen/Cosign.pm modified , text changed
Directorybranches/rel-2-3-dev/webwork2/lib/WeBWorK/Authen/Cosign.pm modified , text changed

aubreyja at gmail dot com
ViewVC Help
Powered by ViewVC 1.0.9