Stateless Login Handler Stickiness
Nate Klingenstein
ndk at internet2.edu
Wed Feb 6 16:28:30 EST 2013
Thanks to you and Christopher both. I've added a paragraph about this to the IdPStatelessClustering Wiki page where I would've expected to find this information. I can't any good place to put it on the IdPClusterIntro page and this should suffice.
https://wiki.shibboleth.net/confluence/display/SHIB2/IdPStatelessClustering
On 6 Feb 2013, at 21:16, "Cantor, Scott" <cantor.2 at osu.edu>
wrote:
>> If an IdP uses a stateless login handler like the one developed by OSU, is
>> there a need for any session stickiness at all?
>
> Yes.
>
>> Specifically, it's my understanding that the login/response generation
>> process as a whole requires server-side statefulness(destination SP, etc.
>> persisted in the IdP session) even if the login handler manages
>> authentication state using a client-side state persistence mechanism like
>> cookies. Is that right, making ~5 minute session stickiness a requirement
>> even in this case?
>
> Absolutely. That's not changing, we explicitly ruled out trying to avoid that requirement for V3. The conversation state is going to be server side.
>
> -- Scott
>
>
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>
More information about the users
mailing list