SOA Security

Cantor, Scott cantor.2 at
Mon Feb 23 10:06:04 EST 2015

On 2/23/15, 2:03 PM, "Arnal, Pascal" <Pascal.Arnal at> wrote:

>Could you please tell me how to set-up the components so the first SP 
>session or cookies are passed to the second SP? Is it related to Enhanced 
>Client or Proxy (ECP)?

You can't, that would be insecure.

It's delegation. The only delegation solution we implemented was in an 
extension [1] and we haven't ported that extension into V3 yet because 
adoption has been minimal.

And yes, it requires ECP in the REST client to use.

-- Scott


More information about the users mailing list