PubCookie on Redbrick

From Redbrick Wiki
Revision as of 08:11, 2 September 2005 by Cammy (talk | contribs) (Added a 'example' section)

Pubcookie is software that allows users at an institution (e.g. Redbrick) to sign-in once to a webpage, and then have "official" access to all other webpages at that institution! This means that you, as a Redbrick user, can login once with your Redbrick username/password, and then do funky stuff (like edit these Wiki webpages) that nobody else on the internet can do! Colmmacc has setup a very basic pubcookie service on Redbrick. It's not pretty, no nice logos, and there are some broken image links, but well, it works - so it's a start, and others can make it look pretty :)

Anyway, go to:

https://www.redbrick.dcu.ie/~colmmacc/yoyo/

And you should be redirected to:

https://www.redbrick.dcu.ie/login/

which is the pubcookie "login portal", where your Redbrick username and password should work, and send you right back to:

https://www.redbrick.dcu.ie/~colmmacc/yoyo/

... where you'll see a page congratulating you on it working, and a messy dump of lots of variables (that Redbrick has access to, i.e., your "environment"), just to prove that colmmacc can't see your password :)

To get more techie, the pubcookie auth module does some clever things like enforce https (i.e. secure web - 'http://www.redbrick.dcu.ie/~colmmacc/yoyo/' should not work), it sets 'REMOTE_USER' to something useful (i.e. their redbrick username) and is generally cool.

To use PubCookie

In order to use pubcookie authentication for parts of your own website, put the following in a .htaccess file for the directory you'd like to protect:

PubcookieAppID some unique identifier for your area
Authtype pubcookie 
require valid-user

And only Redbrick users will be able to use it, and only using their normal Redbrick usernames and passwords.

Any files that gets referenced by the html directly eg: javascript , css should not be placed in a protected directory.

You can unprotect a subdirectory by placing the following in the .htaccess file for the subdirectory.

satisfy any
AuthType none
order deny,allow
allow from all

Examples