Because pubcookie is centralized, it allows the user to authenticate once for several applications. The authentication remains valid for up to eight hours.
To demonstrate how pubcookie works, you can try these two test applications. When you connect to one of them, you should be challenged for your UWNetID and a password. If you then connect to the other application, you will not be challenged, because your previous login is still valid.
where Application Name is a name you choose to associate
with your application, and Authorization Directives are
specific to your application. Some authorization examples are
AuthName "Application Name
PubcookieAppID "Application Name"
If you are using another type of authentication, you need to remove all lines associated with that authentication. Examples of these lines are:
AuthType Basic AuthUserFile /www/htaccess/u/my-passwd-fileor
AuthType Basic AuthSrvService uapasswd AuthSrvUserKey username AuthSrvPassKey uapasswdPubcookie enforces the use of SSL connections, so you may choose to remove the command:
.htaccessfile. By doing so, if people connect without SSL, their connection will automatically be changed to SSL before they are allowed to access your application.
If you wish to force a user to authenticate with a username, password, and SecurID number, then change the AuthType line to:
When using SecurID authentication, pubcookie will not reuse previously-entered credentials. In other words, if the user authenticated with pubcookie to another application and then attempted to connect to an application protected with SecurID, the server will once again ask for all credentials. If the credentials time out, then the user will also be prompted to reenter them.
PubcookieAppIDvariable. In the example settings above, "Application Name" would be the same among different directories which are part of the same application.
Pubcooke allows you to modify the timeouts that it uses. There
are two types of timeouts which can be specified in the
When either timeout happens, the browser is sent back to the login page. If UWNetID authentication is being used, then in most cases the browser will be sent right back to the application (unless more than 8 hours have passed since the user first authenticated to the login page). If you are using SecurID authentication, then when a timeout causes the user to go back to the login page, the user must reenter all credentials.
As an example, to set the hard timeout to 4 hours (4 * 60 * 60 or 14400 seconds) and the inactivity timeout to 10 minutes (10 * 60 or 600 seconds):
PubCookieHardExpire 14400 PubCookieInactiveExpire 600
require type faculty staff