Shibboleth Developers

[Jim Fox <>]

Am I on the right path thinking that the authn process starting
with shib 1.3 might go something like this:

 HS request is direct to tomcat - no apache up front.

 HandleServlet's doGet method parses the request and invokes a
 site-dependent LoginServer's checkLogin (e.g.) method, which
 implements some sort of site-dependent login.  The HandleServlet
 provides the request's parameters through some structure or class.

 The checkLogin either returns a userid or it sends back a bunch
 of html that initiates a user login.  Presumably this site class
 can read and write cookies as well.


Since Bob was the "main one beating the drum for this" it would be
kinda tragic if pubcookie wasn't ready to go right from the start.
Pubcookie doesn't right now do any java.  I'd like to get moving
toward the new and improved login as soon as possible.

Jim