Recent changes to feature-requests

Additional Cosign*Factor directives (satisfy, deny)

2015-02-12T20:18:28.236000Z

I would like to see two additional mod_cosign directives..

CosignSatisfyFactor - allow any of the listed factors access
CosignDenyFactor - deny access to the people authenticated with that factor

Honor subject alternate names during validation

2015-01-15T22:25:53.714000Z

If one certificate is used for multiple sites, typically new rules need to be created to allow for each of the names in the subject alternate names. During validation, if the subject alternate names were checked during validation, new rules would not have to be created to match the CN with names already in the subject alternate names list.

Allow use of CosignProtected with LocationMatch in mod_cosign / apache httpd

2014-11-19T14:37:00.578000Z

I would like to be able to invoke CosignProtected / CosignRequireFactor in conjunction with the Apache HTTPd LocationMatch directive. Specifically, I would like to be able to trigger cosign with query string arguments.

use case - cosign is protecting our peoplesoft system. It generates some pretty ugly URLs. I would like to be able to trigger CosignRequireFactor for any URL that contains the "EMPLOYEE_SELF_SERVICE" in the query string.

IIS Module - Allow more specific certificate selection

2014-07-30T17:49:01.713000Z

Please allow to select a specific certificate in the MY store instead of using the CN to select. If multiple certs are in the MY store with the same CN it seems that the Cosign module picks the first one it finds - which isn't always the correct cert.

Maybe selection by serial number instead of CN would be better, or another unique certificate attribute?

#13 allow friend tablespace to be specified in config

2014-01-14T17:46:30.080000Z

The branch to test is called "friend-db-name", and the new cosign.conf key is "mysqldbname", as in:

set mysqldbname cosignfriend

#13 allow friend tablespace to be specified in config

2014-01-14T17:44:53.841000Z

Preliminary patch up at my github fork of the cosign source:

https://github.com/moretension/cosign.git

Please test and report with results. You will need to run autoconf to regenerate the configure scripts.

#13 allow friend tablespace to be specified in config

2014-01-14T16:53:51.245000Z

assigned_to: Andrew Mortensen

allow friend tablespace to be specified in config

2014-01-14T16:52:30.882000Z

You can specify all of the mysql connection information for Friend (db host, user, pw) except for the database name (which is assumed to be "friend"). It would be nice if you could set the db name in config.

allow friend tablespace to be specified in config

2014-01-14T16:52:30.882000Z

Ticket 13 has been modified: allow friend tablespace to be specified in config
Edited By: Andrew Mortensen (fitterhappier)
Owner updated: None => u'fitterhappier'

Interstitial destination during login sequence

2013-02-21T19:28:38.165000Z

It would be helpful if Cosign could be configured to pass through a waypoint between logging in and being sent on to requested service. Maybe that page shows up in a foreground layer while the requested is loaded in the background. Potential use? MOTD or system notices?

Specifically, we're looking to deploy a self service password management system that has webservices that provide things like password expiry warnings, or reminded to set challenge/response questions. It seems like an appropriate time to display those messages would be during the login process.