Is it possible do different authentication based on different SP?
Cantor, Scott
cantor.2 at osu.edu
Thu Aug 16 10:00:04 EDT 2012
On 8/15/12 10:00 PM, "Kevin P. Foote" <kpfoote at iup.edu> wrote:
>
>Give the Engineering group an "engineering" attribute, and the sales
>folks a "sales" attribute at the IdP. On the SP side require one or the
>other for authz.
A less elegant and more brittle way that still avoids writing code:
- deploy separate login handlers
- use an AuthnContextClassRef in the request to map to one or the other
-- Scott
More information about the users
mailing list