Multiple login handlers and Shib-Authentication-Method attribute behavior

Stefan Wold ratler at
Fri Sep 2 21:10:56 BST 2011

On 09/02/2011 10:02 PM, Chad La Joie wrote:
> On Fri, Sep 2, 2011 at 12:59, Stefan Wold<ratler at>  wrote:
>> This means I can't rely on Shib-Authentication-Method do determine if
>> the user logged in with a secure method to access some content. Have I
>> misunderstood something here?
> Which version of the IdP are you using?
I'm running version 2.3.2.

>> Another related question, I know it's possible to set a
>> defaultAuthenticationMethod in RelyingParty, but is there anyway to
>> enforce it rather than allowing the SP to override it?
> No, the SP requirements are mandatory if they are given in the request.

Stefan Wold

More information about the users mailing list