CUWebLogin
- Provides Kerberos AuthN and Single Sign-On for CUWebAuth
- Custom solution developed at Cornell
- Written in C
- Is a Kerberos proxy
- NetID/password is supplied to CUWebLogin via login web page
- Uses SSL
- Uses Apache to serve up login web page
- CUWebLogin authenticates via Kerberos on user's behalf
- Uses CUSSP to transfer information between CUWebAuth and CUWebLogin
- Uses DBM to store session information
- Uses Kerberos 4 for NetIDs
- Uses Kerberos 5 for GuestIDs
- The same login web page is used for NetIDs and GuestIDs
- Will be replaced by CUWebLogin 2.0
- Production: 2 machines
- No dynamic load balancing
- CUWebAuth can be configured to use either of the 2 CUWebLogin servers
- Fail over happens via CUWebAuth
- CUWebAuth tries primary CUWebLogin server
- If that fails, it tries the secondary
- OS: Solaris 5.9
- Machines are in server farm (Sun Sparc)
- Two factor AuthN required for SSH login
- Machines are split between Rhodes and CCC
- Test: 2 machines
- Dev: 2 machines
{"serverDuration": 75, "requestCorrelationId": "e4a3df90e639c84c"}