IdP's Session Cookie

Paul Hethmon paul.hethmon at
Thu Nov 1 09:14:34 EDT 2012


I'm pretty sure that session cookie is set regardless of the
PreviousSession handler being there or not. Even if session time is set to
0, I think it gets set. It's just immediately invalid.


On 10/31/12 11:36 PM, "Michael A Grady" <mgrady at> wrote:

>If the PreviousSession handler is "turned off" (commented out in
>handler.xml), is there ever a time when an IdP session cookie
>(_idp_session) would still get written to the user's browser for any
>Michael A. Grady
>Senior IAM Consultant, Unicon, Inc.
>To unsubscribe from this list send an email to
>users-unsubscribe at

More information about the users mailing list