PubCookie on Redbrick: Difference between revisions

From Redbrick Wiki
Jump to navigation Jump to search
twiki2mediawiki (talk)
(Automagically converted by twiki2mediawiki)
 
No edit summary
 
(10 intermediate revisions by 5 users not shown)
Line 1: Line 1:
[http://www.pubcookie.org/ Pubcookie] is software that allows users at an institution (e.g. Redbrick) to sign-in once to a webpage, and then have "official" access to all other webpages at that institution! This means that you, as a Redbrick user, can login once with your Redbrick username/password, and then do funky stuff (like edit these Wiki webpages) that nobody else on the internet can do! [[User:Colmmacc|Colmmacc]] has setup a very basic pubcookie service on Redbrick. It's not pretty, no nice logos, and there are some broken image links, but well, it works - so it's a start, and others can make it look pretty :)


Recently fixed by [[User:maK|maK]]


== Redbrick and Pub Cookie ==
[http://www.pubcookie.org/ Pubcookie] is software that allows users at an institution (e.g. Redbrick) to sign-in once to a webpage, and then have "official" access to all other webpages at that institution! This means that you, as a Redbrick user, can login once with your Redbrick username/password, and then do funky stuff (like edit these Wiki webpages) that nobody else on the internet can do! [http://www.redbrick.dcu.ie/~colmmacc/ Colmmacc] has setup a very basic pubcookie service on Redbrick. It's not pretty, no nice logos, and there are some broken image links, but well, it works - so it's a start, and others can make it look pretty :)


Anyway, go to:
Anyway, go to:


=[https://www.redbrick.dcu.ie/~colmmacc/yoyo/ https://www.redbrick.dcu.ie/~colmmacc/yoyo/]=
https://www.redbrick.dcu.ie/~colmmacc/yoyo/


And you should be redirected to:
And you should be redirected to:


=https://www.redbrick.dcu.ie/login/=
https://www.redbrick.dcu.ie/login/


which is the pubcookie "login portal", where your Redbrick username and password should work, and send you right back to:
which is the pubcookie "login portal", where your Redbrick username and password should work, and send you right back to:


=https://www.redbrick.dcu.ie/~colmmacc/yoyo/=
https://www.redbrick.dcu.ie/~colmmacc/yoyo/


... where you'll see a page congratulating you on it working, and a messy dump of lots of variables (that Redbrick has access to, i.e., your "environment"), just to prove that [http://www.redbrick.dcu.ie/~colmmacc/ colmmacc] can't see your password :)
... where you'll see a page congratulating you on it working, and a messy dump of lots of variables (that Redbrick has access to, i.e., your "environment"), just to prove that [[User:colmmacc|colmmacc]] can't see your password :)


To get more techie, the pubcookie auth module does some clever things like enforce https (i.e. secure web - =http://www.redbrick.dcu.ie/~colmmacc/yoyo/= should not work), it sets =REMOTE_USER= to something useful (i.e. their redbrick username) and is generally cool.
To get more techie, the pubcookie auth module does some clever things like enforce https (i.e. secure web - 'http://www.redbrick.dcu.ie/~colmmacc/yoyo/ ' should not work), it sets 'REMOTE_USER' to something useful (i.e. their redbrick username) and is generally cool.
 
==To use PubCookie==


In order to use pubcookie authentication for parts of your own website, put the following in a .htaccess file for the directory you'd like to protect:
In order to use pubcookie authentication for parts of your own website, put the following in a .htaccess file for the directory you'd like to protect:


<pre>[[Rbwiki_PubcookieAppID|PubcookieAppID]] [some unique identifier for your area]
PubcookieAppID ''"some unique identifier for your area"''
Authtype pubcookie  
Authtype pubcookie  
require valid-user</pre>
require valid-user


And only Redbrick users will be able to use it, and only using their normal Redbrick usernames and passwords.
(Remember to ''chmod 644'' your .htaccess file otherwise it won't work). And only Redbrick users will be able to use it, and only using their normal Redbrick usernames and passwords.


Any files that gets referenced by the html directly eg: javascript , css should not be placed in a protected directory.
If you'd like to use pubcookie authentication to only allow one or a subset of users access to a directory:
You can unprotect a subdirectory by placing the following in the .htaccess file for the subdirectory.
 
<pre>
PubcookieAppID ''"some unique identifier for your area"''
satisfy any
Authtype pubcookie
[[Rbwiki_AuthType|AuthType]] none
require user "username1","username2","username3"
order deny,allow
allow from all
</pre>


[[[Rbwiki_WebHome|WebHome]] [[Rbwiki_RbWiki|RbWiki]]], this wiki, uses this as its authenticator.  
Any files that gets referenced by the html directly eg: javascript , css should not be placed in a protected directory.  


[http://www.redbrick.dcu.ie/~shimoda/ Shimoda] has a script that can [http://www.redbrick.dcu.ie/~shimoda/proxy/prox.cgi access webpages from DCU] including sites that DCU has subscriptions to.
You can unprotect a subdirectory by placing the following in the .htaccess file for the subdirectory.


link has a [http://www.redbrick.dcu.ie/~link/news/ web newsreader]
satisfy any
AuthType none
order deny,allow
allow from all


==Examples==


* [[Main_Page|Redbrick Wiki]], this wiki, uses this as its authenticator.
* [[User:Shimoda|Shimoda]] has a script that can [https://www.redbrick.dcu.ie/~shimoda/proxy/ access webpages from DCU] including sites that DCU has subscriptions to.
* [[User:Link|Link]] has a [http://www.redbrick.dcu.ie/~link/news/ web newsreader]


[[Category:HowTo]]

Latest revision as of 21:35, 6 July 2015

Pubcookie is software that allows users at an institution (e.g. Redbrick) to sign-in once to a webpage, and then have "official" access to all other webpages at that institution! This means that you, as a Redbrick user, can login once with your Redbrick username/password, and then do funky stuff (like edit these Wiki webpages) that nobody else on the internet can do! Colmmacc has setup a very basic pubcookie service on Redbrick. It's not pretty, no nice logos, and there are some broken image links, but well, it works - so it's a start, and others can make it look pretty :)

Recently fixed by maK


Anyway, go to:

https://www.redbrick.dcu.ie/~colmmacc/yoyo/

And you should be redirected to:

https://www.redbrick.dcu.ie/login/

which is the pubcookie "login portal", where your Redbrick username and password should work, and send you right back to:

https://www.redbrick.dcu.ie/~colmmacc/yoyo/

... where you'll see a page congratulating you on it working, and a messy dump of lots of variables (that Redbrick has access to, i.e., your "environment"), just to prove that colmmacc can't see your password :)

To get more techie, the pubcookie auth module does some clever things like enforce https (i.e. secure web - 'http://www.redbrick.dcu.ie/~colmmacc/yoyo/ ' should not work), it sets 'REMOTE_USER' to something useful (i.e. their redbrick username) and is generally cool.

To use PubCookie

In order to use pubcookie authentication for parts of your own website, put the following in a .htaccess file for the directory you'd like to protect:

PubcookieAppID "some unique identifier for your area"
Authtype pubcookie 
require valid-user

(Remember to chmod 644 your .htaccess file otherwise it won't work). And only Redbrick users will be able to use it, and only using their normal Redbrick usernames and passwords.

If you'd like to use pubcookie authentication to only allow one or a subset of users access to a directory:

PubcookieAppID "some unique identifier for your area"
Authtype pubcookie 
require user "username1","username2","username3"

Any files that gets referenced by the html directly eg: javascript , css should not be placed in a protected directory.

You can unprotect a subdirectory by placing the following in the .htaccess file for the subdirectory.

satisfy any
AuthType none
order deny,allow
allow from all

Examples