HTTP POST Binding in session initiation

Cantor, Scott cantor.2 at
Wed Sep 21 15:35:38 BST 2011

On 9/21/11 10:30 AM, "Liam Hoekenga" <liamr at> wrote:
>Do all of the login handlers lie behind /idp/AuthnEngine/ or /idp/Authn/ ?

The bundled ones do, I can't speak to what you're doing. If you're using
the RemoteUser handler, then the only thing to protect is that URL. You
don't protect the AuthnEngine.

-- Scott

More information about the users mailing list