U of M Central Authentication Hub (cookieauth)

Last update: Wed Mar 21 13:18:12 CDT 2007

• Start here: About CAH - a detailed description of how it works.
• Sample implementation for Apache 1.3.x (includes old no-longer-functional code for Netscape Enterprise Server)
  • README file
  • cookieauth-28.tar.gz
  • cookieauth-28.zip
• Sample implementation for Apache 2.0.x (may also work with 2.2.x). This code is beta, and may not be completely stable yet, especially if you compile Apache with a threaded MPM.
  • cookieauth2-3.0b2.tar.bz2 (PGP signature) (MD5)
• CAH Wiki for discussion of alternative implementations (authentication required)

The SQL Developer's Group held a session on Feb. 10, 2004 on implementing CAH to secure applications on Windows. Presentation materials are here.

If you need a widely-browser-recognized SSL certificate for your web server to implement this, we offer cheap certs through Thawte.

Questions/comments? Mail Chris Bongaarts <cab@tc.umn.edu>.