SSO

[Russ Allbery]

"Sharad Desai" <ssdesai1 at gmail.com> writes:

> Also, (I'm not sure how familiar people are with Cosign) since Cosign
> transforms Kerberos authentication to a cookie-based authentication
> which the browsers can use, I was wondering if you have had any
> experience with this.

Given your platform constraints and desire to avoid Active Directory, I
think Cosign is definitely your best option.  However, I believe that you
will need a UNIX server to run the Cosign login daemon, even though you
can use IIS for specific web applications.  I could be wrong, since I
don't run it myself, but you should check on that if that will be a
problem.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>