shibboleth-dev - RE: Shib 2.0 Authentication Handler Interface
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: Shib 2.0 Authentication Handler Interface
- Date: Tue, 14 Nov 2006 10:01:02 -0500
- Organization: The Ohio State University
> Now, that said, I'm not sure why a developer would need to touch the
> *IdP* session in order to integrate with another AuthN system. I can
> understand them needing to touch the session from the something like
> another SSO system, but that's not what I'm talking about here. I'm
> only referring to the HttpSession maintained by the IdP.
In other words, this restriction doesn't preclude the handler dropping
cookies on its own, but it can't manipulate any state associated with the
IdP's cookie?
Also, correct me if I'm wrong, but I think the IdP session you're talking
about is using its own session mechanism (to make sure clustering is
handled) and not the servlet session.
-- Scott
- Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/10/2006
- Re: Shib 2.0 Authentication Handler Interface, Velpi, 11/14/2006
- Re: Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/14/2006
- RE: Shib 2.0 Authentication Handler Interface, Scott Cantor, 11/14/2006
- Re: Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/14/2006
- RE: Shib 2.0 Authentication Handler Interface, Scott Cantor, 11/14/2006
- Re: Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/14/2006
- Re: Shib 2.0 Authentication Handler Interface, Chad La Joie, 11/24/2006
- Re: Shib 2.0 Authentication Handler Interface, Velpi, 11/14/2006
Archive powered by MHonArc 2.6.16.