Pooled IP access question

Mike Flynn shibbolethlynda at yahoo.com
Tue Apr 1 16:49:24 EDT 2014

I have a client whose IP address changes between requests.  I have been using my test system to let them work out their details.  I added consistentAddress="false" to my session stanza to allow them to test like this.  My question is, what is the security risk by allowing this?  Does it facilitate man in the middle attacks?  I just want to make sure I am not opening a can of worms here if I migrate that setting to production...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140401/130c2fa3/attachment.html 

More information about the users mailing list