What is Pubcookie?

Pubcookie is an open-source package for intra-institutional single-sign-on end-user web authentication. More generally, it is an approach to identifying users as they browse to an institution's many websites that require authentication. It helps an institution reuse existing authentication services (like Kerberos, LDAP, or NIS), and it limits the exposure of end-user passwords by ensuring they're only sent to a trusted login service.

Software Components

Pubcookie currently includes a login server component as well as modules for Apache and Microsoft IIS servers that host content and applications. It also comes with tools for managing and distributing encryption keys.

Project History

Pubcookie was originally developed at the University of Washington in 1998. In 2001, it was bundled up and made available to others in conjunction with efforts at Internet2 to better define web-based initial sign-on (WebISO) systems like Pubcookie itself. Later that same year, developers at Carnegie Mellon, Wisconsin, and elsewhere joined the effort to make Pubcookie more generally useful and this activity moved the project into the realm of the open-source project where it lives on today.

Pubcookie Licensing

The University of Washington licenses the source code of Pubcookie under the Apache License (Version 2.0). For historical purposes, you can also see the Pubcookie License used for versions 3.1.1 and earlier.