How is anything but your webserver decrypting the $_POST data? PHP should get it after that as is. Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: > SSO process: > > $_POST the Email Address and password > > Get Authenticated, Get the COOKIE ( Through Oracle IDM suite SOAP call) > > Decrypt the COOKIE ( Through Oracle Enterprise business suite SOAP call) > > and get the profile Info > > Thats what happens now. > > But there is a glitch in the decryption algorithm we currently have. And > when we decrypt + or some thing else comes with funny characters and does > not authenticate. > > So I need to restrict them for now. When the algorithm gets corrected then I > will use standard RFC. > > > > > On Tue, Oct 28, 2008 at 5:41 PM, Micah Gersten <micah@xxxxxxxxxxx> wrote: > > >> What are you talking about with a cookie and an E-Mail address? >> >> Thank you, >> Micah Gersten >> onShore Networks >> Internal Developer >> http://www.onshore.com >> >> >> >> VamVan wrote: >> >>> Yeah, I understand that its allowed in RFC. But unfortunately I use >>> SSO layer which decrypts the Cookie to get email address. >>> >>> This is where it messes up. So I have decided not to allow people to >>> use that as well. >>> >>> Thanks >>> >>> >>> > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
