Issue: Using differents idp's to securize different hosts
Eduardo Fernandes
edufer at gmail.com
Mon Sep 12 22:17:30 BST 2011
Good point. A simpler solution could be also named session variable
(cookies) pool's. So I could assign session parameters to some kind of
"hosts family". Right now I don't see a clear example where you'd like to
share the cookies among different sites. It's peculiar since, as you've
said, the browser will never do that in a normal way. It is not clear this
behaviour from documentation. From a agnostic point of view it looks like a
security issue but with a quick workaround creating new applications.
Thanks again for your helpful comments.
Eduardo.
On Mon, Sep 12, 2011 at 11:02 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 9/12/11 4:59 PM, "Eduardo Fernandes" <edufer at gmail.com> wrote:
> >I'll try it out. So I need a new application for each customer. Your idea
> >is clear. I supposed that the session cache would share entries only for
> >the hosts/alias in the same site.
>
> One of the possible future directions for 3.0 is to auto-generate certain
> kinds of overrides in some way, that being an obvious example.
>
> -- Scott
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20110912/01fb28a5/attachment.html
More information about the users
mailing list