February 18, 2011
Shibboleth at UM
Another email snippet, this one from MM.
Have folks found commercial hosting providers that can handle installation, config, and support of Cosign? Well, there are different sorts of hosting providers. The problem is not with the Drupal cosign module, it's whether the hosting provider is willing to handle mod_cosign for Apache HTTP Server, which the Drupal cosign module requires.
If you purchase a VM guest from a VPS hosting provider -- or find a PHP/MySQL hosting provider that provides root access to its customers -- then you can install and configure mod_cosign yourself. Of course, this is not what you were asking for.
cosign is a tough sell to PHP/MySQL hosting providers that do not provide their customers with root access, since cosign is primarily used by a few dozen higher-ed institutions around the world: not a very big market. Shibboleth would be a much easier sell, since it is supported by over 272 institutions in North America and over a thousand worldwide. Note that Shibboleth here at U-M uses cosign for authenticating U-M users, but that the current version of Shibboleth does not support multifactor authentication (e.g., MTokens), reauthentication, global log-out, or (as Shibboleth is currently deployed at U-M) Friend or other guest accounts, all of which are supported by cosign. For more information on Shibboleth, see
I hope this helps.
Posted by kkwaiser at February 18, 2011 08:54 AM