IDP3/4 -> read (&write) custom session cookie for authentication

Cantor, Scott cantor.2 at
Wed Apr 22 08:43:13 EDT 2020

On 4/22/20, 2:44 AM, "users on behalf of Käfer Thomas" <users-bounces at on behalf of thomas.kaefer at> wrote:

> I'd like to ask you for pointers how to best (easiest) port my Shibboleth idp2 custom session cookie (set and read on our > superdomain by some legacy applications) to the very much different idp3/4 implementations.

You would have to be much more explicit about the purpose behind this. I wouldn't do it at all, but it definitely can't be anything to do with "sessions", thatv would be a total disaster. Don't even think about it.

Authentication and the session layer are entirely distinct.

I can do very little for free on list but with a basic idea of the intent I can probably make a general handwave about it.

-- Scott

More information about the users mailing list