IdP's Session Cookie
Paul Hethmon
paul.hethmon at clareitysecurity.com
Thu Nov 1 09:14:34 EDT 2012
Michael,
I'm pretty sure that session cookie is set regardless of the
PreviousSession handler being there or not. Even if session time is set to
0, I think it gets set. It's just immediately invalid.
Paul
On 10/31/12 11:36 PM, "Michael A Grady" <mgrady at unicon.net> wrote:
>If the PreviousSession handler is "turned off" (commented out in
>handler.xml), is there ever a time when an IdP session cookie
>(_idp_session) would still get written to the user's browser for any
>reason?
>
>--
>Michael A. Grady
>Senior IAM Consultant, Unicon, Inc.
>
>--
>To unsubscribe from this list send an email to
>users-unsubscribe at shibboleth.net
More information about the users
mailing list