cosign: Download |

	cosign Source Code and Installers
	to verify checksum: openssl dgst -sha1 filename

Apache Filter & Weblogin Server:

See our change log for revision information: changelog.txt

Versions of cosign older than 3.0 have an architectural flaw (detailed here). New users of cosign should select the latest cosign 3 release for download. Existing legacy cosign installations should upgrade to cosign 3 as soon as possible. An overview of that process may be found here.

cosign-3.2.0.tar.gz
[ SHA256 6eb6ad1691c27f8f2a99611afe0ec951da626246f75b01435e615c25cde6a242 ]
[ SHA1 a817b755d6227d9528058d28494835248189061c ]
[ RIPEMD160 b5b81e78c522886c48c95b411a2ba50679a3dede ]
browse git source repository

NOTE: the cosign 3.0 apache filters are incompatible with earlier versions of the cosign weblogin software.

Friend guest account system:

/downloads/friend-2.0.2.tar.gz">friend-2.0.2.tar.gz
[ MD5 c227045bb0a4eb7d921547ecccc01f7d ]
browse cvs source repository

Windows Module:

Module for Windows 2008/IIS 7.

Cosign module 3.1.0
[ SHA256 60814de83c08c509cb5b04e5f9a28c30eb582128c1a90df50cfc333be0ed85f1 ]
[ SHA1 d7b4b3a0abee4c7c322d93020031e4dfd7e3b746 ]
[ RIPEMD160 57368ea5a3e7a5b2fa853ed822195fd92411aeee ]

browse cvs source repository

Windows Filter:

Filter for Windows 2003/IIS 6.

IISCosign 3.0.0
[ MD5 d4c13a55614a3622bb12455c8825ada8 ]
[ SHA1 d3e19cdd9ba34e9e7c9287ba1da66ad559a20d68 ]
[ RIPEMD160 005ec13be341ee9920f43e7472521f3c9421f9e3 ]

browse cvs source repository

Java cosign Filter:

JavaCosign 3.0.0
[ SHA256 77268007ec32e539a91eea6dc2a1b241d9b50ff634227baca27db84db73e897a ]
[ SHA1 aaead8056351fdd1c2e6652bc9477f218f6d1cb3 ]
[ RMD160 492a15edf9d6129bbb240bea499c2570c771c44b ]

Legacy AuthZ Resources:

These documents are outdated. They are included here as an historical reference. The cosign project recommends using mod_authnz_ldap for authZ in modern cosign deployments.

Older Versions:

Please see our attic for previous releases of cosign.