Question about Unsolicited SSO and "idp.session.enabled = false"

Cantor, Scott cantor.2 at
Tue Mar 6 11:51:34 EST 2018

> Is it possible to have an IDP set to disable the IdP session layer but yet have
> (only) Unsolicited SSO respect previous established sessions?

I would hope it would be clear that that would be physically impossible, it's self-contradictory. There is nothing special about Unsolicited SSO, it's a proprietary, unsigned request. It's no different than any other request mechanically

-- Scott

More information about the users mailing list