
Weblogin User Guide

How to Protect your TUHH Website

"Weblogin Service" Configuration using .htaccess

The PubcookieAuthTypeNames directive in the Apache server configuration defines the strings that mod_pubcookie enables as additional arguments to the AuthType directive. On TUHH web servers, PubcookieAuthTypeNames is set to WebLogin.

To use the TUHH "Weblogin Service", mod_pubcookie must be installed on your web server.

Add the following directives to the .htaccess file of the website you wish to protect.

Example 1:

Contents of .htaccess:

AuthType WebLogin
PubcookieAppID "This-Site"
require valid-user

All TUHH accounts get access to the protected website (after entering a valid password).

Example 2:

Contents of .htaccess:

AuthType WebLogin
PubcookieAppID "This-Site"
require user username@KERBEROS.TU-HARBURG.DE

username must be a valid TUHH account. Only username gets access to the protected website (after entering a valid password).

Example 3:

Contents of .htaccess:

AuthType WebLogin
PubcookieAppID "This-Site"
AuthGroupFile .htWebloginMyGroup
require group myGroup

Contents of .htWebloginMyGroup:

myGroup: \
username1@KERBEROS.TU-HARBURG.DE \
username2@KERBEROS.TU-HARBURG.DE \
username3@KERBEROS.TU-HARBURG.DE \
username4@KERBEROS.TU-HARBURG.DE

All users defined in the file ".htWebloginMyGroup" are allowed to access the website.

Apache Environment Variables

The following Apache environment variables are set by the TUHH "Weblogin Service":

REMOTE_USER=username@KERBEROS.TU-HARBURG.DE
AUTH_TYPE=WebLogin
HTTP_COOKIE=pubcookie_s_........................................
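
An application behind Weblogin can re-check these variables itself before trusting the user name, so that a directory that was left without the .htaccess directives fails closed. The following is an added example, not part of the original guide or of mod_pubcookie: the function names are hypothetical, the application is assumed to receive the variables as a CGI-style environment dictionary, and the group file uses the layout of .htWebloginMyGroup from Example 3.

```python
import re

REALM = "KERBEROS.TU-HARBURG.DE"  # realm used in the examples on this page
AUTH_TYPE = "WebLogin"            # value of PubcookieAuthTypeNames at TUHH


def parse_group_file(text):
    """Parse AuthGroupFile text ("group: member member ...").

    A trailing backslash continues the entry on the next line,
    as in the .htWebloginMyGroup example.
    """
    joined = re.sub(r"\\\r?\n", " ", text)
    groups = {}
    for line in joined.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        name, members = line.split(":", 1)
        groups.setdefault(name.strip(), set()).update(members.split())
    return groups


def weblogin_user(environ):
    """Return the authenticated principal, or None if the request
    does not carry a Weblogin identity in the expected realm."""
    if environ.get("AUTH_TYPE") != AUTH_TYPE:
        return None
    user = environ.get("REMOTE_USER", "")
    local, sep, realm = user.partition("@")
    if not local or sep != "@" or realm != REALM:
        return None
    return user


def is_authorized(environ, groups, group):
    """True only for a Weblogin user who is listed in the given group."""
    user = weblogin_user(environ)
    return user is not None and user in groups.get(group, set())


# Constructed sample input in the layout of .htWebloginMyGroup.
SAMPLE_GROUP_FILE = """myGroup: \\
username1@KERBEROS.TU-HARBURG.DE \\
username2@KERBEROS.TU-HARBURG.DE
"""

if __name__ == "__main__":
    groups = parse_group_file(SAMPLE_GROUP_FILE)
    env = {"AUTH_TYPE": "WebLogin",
           "REMOTE_USER": "username1@KERBEROS.TU-HARBURG.DE"}
    print(is_authorized(env, groups, "myGroup"))
```
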

Logout Configuration and Use

The PubcookieEndSession directive causes mod_pubcookie to clear the current session cookie. Therefore, it is used to implement application logout. This directive can be configured on a per-application basis using .htaccess or configured centrally to create a virtual logout URI that any application on the server can link to in order to implement its own logout function without the need for .htaccess.

To configure logout using .htaccess

The simplest way to configure logout for an application or static website is to place a .htaccess file in a subdirectory (e.g. logout) and put a PubcookieEndSession directive in that .htaccess file. It might be laid out something like this:

$ ls -a
.htaccess    images/    index.php    other.php    logout/
$ ls -a logout
.htaccess
$ more logout/.htaccess
PubcookieEndSession clearLogin
