Stanford WebLogin Confirmation Page Removal
The WebLogin confirmation page will be eliminated on the evening of August 4th for Stanford University's WebLogin servers. This change is being made in cooperation with Stanford's Information Security Office.
The confirmation page currently appears in two instances:
When a user enters their SUNet ID and password to go to a WebAuthed site.
When a previously authenticated user accesses a different WebAuthed site
After this change, the user will enter their SUNet ID credentials once and then go directly to the target web site.
Note that the confirmation screen will still appear when a web site acts with the delegated credentials of the user, such as WebAFS.
If you are the administrator of a web server that uses WebAuth and you wish to test the new behavior in advance of this change, you can change the Apache configuration of a test server to the following:
WebAuthLoginURL https://weblogin-dev.stanford.edu/login WebAuthWebKdcURL https://weblogin-dev.stanford.edu/webkdc-service WebAuthWebKdcPrincipal firstname.lastname@example.org
This points the server at the test version of WebLogin and should not be used for production web servers.