You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

Sessions in most non-HTTP applications involve network connection setup and maintenance, and security is often scoped to the network connection. With HTTP applications, state management and security are often layered on top within the application, and create a lot of additional complexity.

Shibboleth Discussion Fodder

  • Application-Managed vs. Infrastructure-Managed
    • Initiating
    • Timeouts
    • Logout Implications
  • Any security threats unique to federation?
  • No labels