IdP Session ID question
Mak, Steve
makst at upenn.edu
Fri May 8 17:14:00 UTC 2020
Hi all,
I have a request from our security dept to include IdP Session ID in the audit logs and I had some concerns before doing that.
1. How sensitive is the idp session id value?
2. Has anyone written a script to perform a one-way hash on the value for logging purposes?
3. Does the idp session id sensitivity change if we have idp.session.consistentAddress = false ?
Thank you in advance,
Steven Mak | Application Developer
University of Pennsylvania - ISC IAM
3401 Walnut St, Philadelphia PA 19104
T: 215-573-7214
More information about the users
mailing list