October 2010 Archives

Session management for SOGo

| | TrackBacks (0)
sogo.logo.pngAt the university of Konstanz we are deploying the SOGo groupware system. Until now, SOGo stores a "username:password"-Cookie in the user's browser as the system seems to be meant as a groupware system for a closed user group.

But because our students and employees are all around the world, I wrote a little apache module to obfuscate the cookie using a session identifier and a user key only known by the user's browser - you will need it to decrypt the session. So if somebody steals the session database it will be useless for him - without the user's key he (or she) won't be able to use the session.


December 2015

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    

About

This blog is owned by:

Pascal Gienger
J├Ągerstrasse 77
8406 Winterthur
Switzerland


Google+: Profile
YouTube Channel: pascalgienger