WebAccess and IPv6

| | Comments (0) | TrackBacks (0)

If you are IPv6-enabling a website protected by WebAccess, you might need to make a change to your web server's configuration. Specifically, you might need to set CosignCheckIP never in your Apache config. Otherwise, connections over IPv6 won't be authenticated. You can read more about why this happens in the ITS wiki.

Penn State's WebAccess product is based on CoSign, an open-source web single-sign-on system. The CoSign source code is not IPv6-clean, so even if ASET were to assign IPv6 addresses to the WebAccess servers, we'd still have problems. I'm working on a patch to CoSign to make it IPv6-clean. After the break, I'll do some more testing and submit it to the CoSign project for integration.

0 TrackBacks

Listed below are links to blogs that reference this entry: WebAccess and IPv6.

TrackBack URL for this entry: https://blogs.psu.edu/mt4/mt-tb.cgi/622

Leave a comment