SPBackDoor question

Kevin P. Foote kpfoote at iup.edu
Thu Nov 29 15:41:18 EST 2012

I'm beginning to tinker with the SPBackDoor feature introduced in 2.5
and I'd like to make sure I'm reading the available docs correctly.

I have set up the ExternalAuth handler in my config file. From what I
read my auth script code, whatever it is based on openid or something
else, needs to POST back a mocked up assertion to the location specified
in the handler definition. Once this is POSTed back then the SP acts as
normal and process the mocked assertion just as it does ones coming in
from an IdP .. obviously minus the security checks etc.

Am I conceptualizing the ExternalAuth handler correctly here?

Am I correct in thinking I do not need any other SessionInitiator
elements to use this?


More information about the users mailing list