Massive authentications from SP GoogleApps

Cantor, Scott cantor.2 at
Tue Sep 3 10:40:18 EDT 2019

All it takes is a broken client. There is no way to avoid looping, they happen all the time with all services. The IdP could implement some kind of throttling, but it's a fine line and a lot of potential hassle to deal with if you have to respond to an incorrectly blocked client and "unblock" it, and most people don't want to oversee things at that level of detail.

It could also be handled in a lot of other ways at lower layers like the web server itself and that's probably more appropriate.

-- Scott

More information about the users mailing list