Is it possible do different authentication based on different SP?
Cantor, Scott
cantor.2 at osu.edu
Thu Aug 16 19:03:19 EDT 2012
On 8/16/12 6:53 PM, "Yaowen Tu" <yaowen.tu at gmail.com> wrote:
>
>I want to use different UserNamePassword Handler for both SPs. Can I
>define something like:
No, because you have the same context class in both. There's no difference.
>But I don't know how to specify it in AuthnContextClassRef. After reading
>the docuemnt, seems like AuthnContextClassRef only accept things like:
>
>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
I don't know what that means or is asking exactly.
>Is there a sample configuration that I can refer to?
No.
>Also is it possible to config it so IdP knows that all the AuthnReqeust
>that comes from SP1 will use LoginHandler1. So we don't need to specify
>it in the request any more.
No. If you want a login handler that does something based on the SP, you
will have to write one.
-- Scott
More information about the users
mailing list