U of M Central Authentication Hub (cookieauth)

Last update: Mon Oct 11 10:19:25 CDT 2010

• ATTENTION: We are beginning the process of retiring CAH in favor of Shibboleth (SAML) authentication. New applications should use Shib instead of CAH. See the U of M Shib Wiki for more details.
• Start here: About CAH - a detailed description of how it works.
• Sample implementation for Apache 1.3.x (includes old no-longer-functional code for Netscape Enterprise Server)
  • README file
  • cookieauth-28.tar.gz
  • cookieauth-28.zip
• Sample implementation for Apache 2.0.x and 2.2.x
  • cookieauth2-3.1.tar.bz2 (SHA1 hash) (MD5 hash)
  • cookieauth2-3.1.tar.gz (SHA1 hash) (MD5 hash)
  • cookieauth2-3.1.zip (SHA1 hash) (MD5 hash)
• CAH Wiki for discussion of alternative implementations (authentication required)

The SQL Developer's Group held a session on Feb. 10, 2004 on implementing CAH to secure applications on Windows. Presentation materials are here.

If you need a widely-browser-recognized SSL certificate for your web server to implement this, we offer cheap certs through Thawte.

Questions/comments? Mail the Identity Management group <idm@umn.edu>.