bcms_pubcookie
This is a BrowserCMS 3.3.x module for using Pubcookie authentication. It replaces the standard BrowserCMS authentication and login.
Prerequisites:
Installation
Add bmcs_pubcookie to your Gemfile
gem 'bcms_pubcookie', :git => 'git://github.com/jamezilla/bcms_pubcookie.git'
Run 'bundle install'
Your apache config should look something like this:
# pubcookie apache module
LoadModule libexec/apache2/.so
# fake basic auth apache module
LoadModule fba_module libexec/apache2/mod_fba.so
<IfModule .c>
/path/to/.cert
/path/to/ssl.key.pem
/path/to/ssl.crt.pem
https://weblogin.washington.edu/
POST
/usr/local//keys/
.washington.edu
UWNetID null SecurID
FakeBasicAuthEnable on
FakeBasicAuthType UWNetID
# force relogin to admin section
<LocationMatch .*/cms/administration.*>
authtype uwnetid
require valid-user
900
</LocationMatch>
# generic pubcookie logout
# visiting www.dxarts.washington.edu/logout-redirect, will have
# the following result:
# - logged out of the application
# - still logged into the weblogin service
# - still identified by your uw netid
# - redirected to the UW logout page
<LocationMatch .*/logout-redirect.*>
authtype uwnetid
require valid-user
PubcookieEndSession redirect
</LocationMatch>
# generic pubcookie logout
# visiting www.dxarts.washington.edu/logout-clearlogin, will have
# the following result:
# - logged out of the application
# - logged out of the weblogin service
# - still identified by your uw netid
# - redirected to the UW logout page
<LocationMatch .*/logout-clearlogin.*>
authtype uwnetid
require valid-user
PubcookieEndSession clearLogin
</LocationMatch>
</IfModule>
The logout-redirect LocationMatch directive above is critical if you want the 'logout' link to work properly.