SP 2.5 cookieProps
Cantor, Scott
cantor.2 at osu.edu
Wed Aug 8 16:15:37 EDT 2012
On 8/8/12 4:02 PM, "Peter Schober" <peter.schober at univie.ac.at> wrote:
>
>Also for the Sessions element the rules are explicitly spelled out to
>work as descibed by the OP:
>
> "If present in the override, the default element's attribute content
> is ignored."
That was me just adding it.
>Regarding one of these new warnings ("handlerSSL should be enabled for
>SSL/TLS-enabled web sites"): For SPs which need access to the
>assertion itself this might be slighly annoying when the GetAssertion
>handler might not be available via https and hence have set
>handlerSSL="false" even though the site is still https only.
Couldn't the handler still be available over SSL? It's not a given that it
won't be.
-- Scott
More information about the users
mailing list