Shibboleth Developers

["Scott Cantor" <>]

Scott Cantor wrote on 2009-12-07:
> A clean FF on Windows works, so I need to go back and do some additional

False alarm. What works is FF with third party cookies, and that happens to 
be the default. It's nothing to do with any plugins, I used a fresh install 
with none added, but did have to change the privacy settings to break it.

You all can have a debate about whether that matters or not, I suppose, but 
all I was after is factual data, not answering the larger questions.

Another interesting point is that Safari on Windows has different behavior 
than FF in that it will *send* pre-existing third party cookies to a site but 
not change them. So you can get logout to work because it will send the SP 
session cookie that's set outside the frame, but the SP can't actually clear 
the cookie during the logout.

I will put a page together somewhere that starts to document this stuff in a 
matrix because it's a mess.

Adam, I appreciate you tweaking the demo, it filled in some gaps for me.

-- Scott