Multiple login handlers and Shib-Authentication-Method attribute behavior

Chad La Joie lajoie at
Fri Sep 2 21:02:09 BST 2011

On Fri, Sep 2, 2011 at 12:59, Stefan Wold <ratler at> wrote:
> This means I can't rely on Shib-Authentication-Method do determine if
> the user logged in with a secure method to access some content. Have I
> misunderstood something here?

Which version of the IdP are you using?

> Another related question, I know it's possible to set a
> defaultAuthenticationMethod in RelyingParty, but is there anyway to
> enforce it rather than allowing the SP to override it?

No, the SP requirements are mandatory if they are given in the request.

Chad La Joie
trusted identities, delivered

More information about the users mailing list