What is Pubcookie?
Pubcookie is an open-source package for intra-institutional
single-sign-on end-user web authentication. More generally,
it is an approach to identifying users as they browse to an
institution's many websites that require authentication. It
helps an institution reuse existing authentication services
(like Kerberos, LDAP, or NIS), and it limits the exposure
of end-user passwords by ensuring they're only sent to a trusted
Pubcookie currently includes a login server component as
well as modules for Apache and Microsoft IIS servers that
host content and applications. It also comes with tools for
managing and distributing encryption keys.
Pubcookie was originally developed at the University of Washington
in 1998. In 2001, it was bundled up and made available to
others in conjunction with efforts at Internet2 to better
define web-based initial sign-on (WebISO) systems like Pubcookie
itself. Later that same year, developers at Carnegie Mellon,
Wisconsin, and elsewhere joined the effort to make Pubcookie
more generally useful and this activity moved the project
into the realm of the open-source project where it lives on
The University of Washington licenses the source code of Pubcookie under
the Apache License (Version 2.0).
For historical purposes, you can also see the Pubcookie License
used for versions 3.1.1 and earlier.