SSO

Sharad Desai ssdesai1 at gmail.com
Thu Jul 17 15:07:05 EDT 2008


Thanks Russ.

>Given your platform constraints and desire to avoid Active Directory, I
>think Cosign is definitely your best option.  However, I believe that you
>will need a UNIX server to run the Cosign login daemon, even though you
>can use IIS for specific web applications.  I could be wrong, since I
>don't run it myself, but you should check on that if that will be a
>problem.

Is the Unix server for a cron job?  If so, then there are some
resources that can maybe run this job on IIS.  I'm not quite sure, but from
what I've read there are some out there.  Let me know if those sound bogus
or if you think it can be done.

Thanks again

On 7/17/08, Russ Allbery <rra at stanford.edu> wrote:
>
> "Sharad Desai" <ssdesai1 at gmail.com> writes:
>
> > Also, (I'm not sure how familiar people are with Cosign) since Cosign
> > transforms Kerberos authentication to a cookie-based authentication
> > which the browsers can use, I was wondering if you have had any
> > experience with this.
>
> Given your platform constraints and desire to avoid Active Directory, I
> think Cosign is definitely your best option.  However, I believe that you
> will need a UNIX server to run the Cosign login daemon, even though you
> can use IIS for specific web applications.  I could be wrong, since I
> don't run it myself, but you should check on that if that will be a
> problem.
>
> --
> Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>



More information about the Kerberos mailing list