Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn

Penn WebLogin

Penn WebLogin is the central PennKey authentication process for restricting access to web applications and static web pages. Penn WebLogin uses CoSign, a collaborative secure single sign-on (SSO) web authentication system. Penn WebLogin replaced Websec as our PennKey authentication mechanism.

For all users

When you log in to a PennKey-protected web resource at the Penn WebLogin page, you will be creating a 10-hour WebLogin session that provides access to PennKey-protected web resources without requiring you to log in for each one. When you finish working, it's essential that you log out or quit/exit your web browser to terminate the WebLogin session and ensure that no one else can access protected web resources in your name. See About Penn WebLogin for more information.

For developers and owners of applications or web pages

One of the key benefits of Penn WebLogin is ongoing performance and security reviews. It is expected that upgrades and patches will be made available periodically. These upgrades are provided from the core WebLogin development team and have undergone rigorous testing. Although not all upgrades address critical security concerns, best practices recommend that application providers maintain the most current releases of patches and filter version. ISC will provide periodic upgrade/release information to the registered owner/developer as entered in the WebLogin Management Console. It is critical to keep application owner/developer contact information updated. Please use the WebLogin Management Console to upgrade the application owner/developer information.

WebLogin Outage Information

Tuesday July 26th 2016: On Monday evening at 8:00 PM there was a power outage on campus which caused a WebLogin outage. Services were migrated to the secondary WebLogin server by 8:31 PM. Please be aware that we have had some reports of lingering weblogin issues. One of the problems may be that the firewall rules setup on service providers may only include the IP address of the primary WebLogin server.

Resolving Issues - If WebLogin is still not working for you

Ensure that both of the WebLogin IP Addresses are included in your firewall rules, or you have allowed
You must allow connections over port 6663.

Finally, if you continue to have problems please follow your procedures for restarting your running web server (IIS or Apache). This is not a request to reboot the host, just the web server.

Service Alerts


Information Systems and Computing
University of Pennsylvania
Comments & Questions

Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania