idp.session.consistentAddress and real security implications.
Jim Fox
fox at washington.edu
Mon Apr 25 13:48:16 EDT 2016
>> We've been getting increasing complaints, especially from mobile users that
>> move between 4G/3G and wifi, that they are loosing their IdP SSO sessions.
>
> The consequence being (leaving logout aside) that they have to login more, but nothing actually breaks, right?
>
We do external authn and have gotten hit with this on the return to the IdP.
Jim
More information about the users
mailing list