...
- RedirectGeneration: Shibboleth and its web environment must be properly configured for redirects to work
- ServiceProviderHandlersServiceProviderHandler: URL-invoked functions implemented by the SP software
- SessionInitiatorsSessionInitiator: Handler function that handles the creation of an AuthnRequest, may be triggered automatically when accessing protected content or by an application at runtime
- AttributeAcceptancePolicy: Defines attributes and rules for processing them by an SP
- AddressChecking: Policies applied by the SP to enforce a consistent client network address across requests, making session theft harder by requiring source address spoofing
- RelayState: Mechanism for SP to remember information about the resource request during an AuthnRequest
- SpoofingBug: Details regarding potential vulnerabilities arising from header spoofing.