Authenticating Securely

Aurora · l33t Joined: 26 Sep 2003 Posts: 658 Location: Classified

I got this idea when I was presented with a secure login screen at a university's webserver.

I'm trying to secure some of the websites that I host on my Gentoo machine using an encrypted (ssl) cookie authentication system. I did a lot of searching and hunting and it seems that one of the best systems out there is called "CoSign." More infomation can be found here:

http://www.weblogin.org

Now, I've been fighting with this thing for hours to get a simple login screen that is encrypted and will drop a cookie in the user's browser for the session in order to authenticate users. The situation is complicated by the fact that server ssl certificates are so tightly integrated with the CoSign system.

So, I'm here to ask: does anyone know of an easy, very secure, and well-written web authentication system that uses cookies and ssl?

Any thoughts/ideas appreciated.

_________________
"My downfall raises me to infinite heights." -Napoleon Bonaparte

eldad · Retired Dev Joined: 26 Jan 2006 Posts: 45 Location: Israel

just use any authentication system under https and it should work just fine.