shibboleth-dev - Re: Shib 2.0 Authentication Handler Interface
Subject: Shibboleth Developers
List archive
- From: Velpi <>
- To:
- Subject: Re: Shib 2.0 Authentication Handler Interface
- Date: Tue, 14 Nov 2006 11:16:00 +0100
- Organization: studentenvereniging Industria vzw
http://svn.middleware.georgetown.edu/view/trunk/src/edu/internet2/middleware/shibboleth/idp/authn/AuthenticationHandler.java?root=java-idp&view=markup
Comments/Questions?
----
AuthentcationHandlers <strong>MUST NOT</strong> change or add any data to the user's {@link HttpSession} that persists past the process of authenticating the user, that is no additional session data may be added and no existing session data may be changed when the handler redirects back to the return location.
----
This may a problem in some cases where deep integration is required. Is there a special reason why modifying the session is prohibited or is it just a precaution? ("you have been warned"?)
-- Velpi
- Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/10/2006
- Re: Shib 2.0 Authentication Handler Interface, Velpi, 11/14/2006
- Re: Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/14/2006
- RE: Shib 2.0 Authentication Handler Interface, Scott Cantor, 11/14/2006
- Re: Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/14/2006
- RE: Shib 2.0 Authentication Handler Interface, Scott Cantor, 11/14/2006
- Re: Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/14/2006
- Re: Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/24/2006
- Re: Shib 2.0 Authentication Handler Interface, Velpi, 11/14/2006
Archive powered by MHonArc 2.6.16.