HTTP POST Binding in session initiation

Liam Hoekenga liamr at
Wed Sep 21 15:39:12 BST 2011

>> Do all of the login handlers lie behind /idp/AuthnEngine/ or /idp/Authn/ ?
> The bundled ones do, I can't speak to what you're doing. If you're using
> the RemoteUser handler, then the only thing to protect is that URL. You
> don't protect the AuthnEngine.

Excellent!  Thank you very much!


More information about the users mailing list