SSO process: $_POST the Email Address and password Get Authenticated, Get the COOKIE ( Through Oracle IDM suite SOAP call) Decrypt the COOKIE ( Through Oracle Enterprise business suite SOAP call) and get the profile Info Thats what happens now. But there is a glitch in the decryption algorithm we currently have. And when we decrypt + or some thing else comes with funny characters and does not authenticate. So I need to restrict them for now. When the algorithm gets corrected then I will use standard RFC. On Tue, Oct 28, 2008 at 5:41 PM, Micah Gersten <micah@xxxxxxxxxxx> wrote: > What are you talking about with a cookie and an E-Mail address? > > Thank you, > Micah Gersten > onShore Networks > Internal Developer > http://www.onshore.com > > > > VamVan wrote: > > Yeah, I understand that its allowed in RFC. But unfortunately I use > > SSO layer which decrypts the Cookie to get email address. > > > > This is where it messes up. So I have decided not to allow people to > > use that as well. > > > > Thanks > > > > >
