PubCookie on Redbrick

From Redbrick Wiki
Revision as of 01:40, 20 April 2007 by Receive (talk | contribs)

Pubcookie is software that allows users at an institution (e.g. Redbrick) to sign-in once to a webpage, and then have "official" access to all other webpages at that institution! This means that you, as a Redbrick user, can login once with your Redbrick username/password, and then do funky stuff (like edit these Wiki webpages) that nobody else on the internet can do! Colmmacc has setup a very basic pubcookie service on Redbrick. It's not pretty, no nice logos, and there are some broken image links, but well, it works - so it's a start, and others can make it look pretty :)

Anyway, go to:

https://www.redbrick.dcu.ie/~colmmacc/yoyo/

And you should be redirected to:

https://www.redbrick.dcu.ie/login/

which is the pubcookie "login portal", where your Redbrick username and password should work, and send you right back to:

https://www.redbrick.dcu.ie/~colmmacc/yoyo/

... where you'll see a page congratulating you on it working, and a messy dump of lots of variables (that Redbrick has access to, i.e., your "environment"), just to prove that colmmacc can't see your password :)

To get more techie, the pubcookie auth module does some clever things like enforce https (i.e. secure web - 'http://www.redbrick.dcu.ie/~colmmacc/yoyo/' should not work), it sets 'REMOTE_USER' to something useful (i.e. their redbrick username) and is generally cool.

To use PubCookie

In order to use pubcookie authentication for parts of your own website, put the following in a .htaccess file for the directory you'd like to protect:

PubcookieAppID some unique identifier for your area
Authtype pubcookie 
require valid-user

(Remember to chmod 744 your .htaccess file otherwise it won't work). And only Redbrick users will be able to use it, and only using their normal Redbrick usernames and passwords.

Any files that gets referenced by the html directly eg: javascript , css should not be placed in a protected directory.

You can unprotect a subdirectory by placing the following in the .htaccess file for the subdirectory.

satisfy any
AuthType none
order deny,allow
allow from all

Examples