HTTP POST Binding in session initiation

[Cantor, Scott]

On 9/20/11 10:44 PM, "Liam Hoekenga" <liamr at umich.edu> wrote:
>
>It seems like we should thus remove HTTP-POST-SimpleSign and HTTP-POST
>SingleSignOnService bindings from our IdP metadata?

Certainly if they don't work, but the IdP captures that state and tracks
it internally, and I'm not sure why your SSO would be in front of the
POST. The URLs to protect are limited to the login handlers in general.

-- Scott