Thanks for the update. Yes, that's correct. We assume HTTPS transport and set the Secure cookie flag. HTTPS is the recommended transport. If you're using HTTP then the Secure flag cannot be set (ie SessionIDDelegates.SecureSAMLCookie = false).
Regards ComponentSpace Development
|