additional info in the rp rqst & reauth by idp

Paul Hethmon paul.hethmon at
Mon Nov 26 14:01:45 EST 2012

1. Not supported with Shibboleth. Meaning you can send what you want but nothing will pay any attention to it.
2. SAML provides an option called forceAuthn which tells the IdP to force re-authentication. How you achieve that depends on your RP/SP software.


From: C G <ci_98yr at<mailto:ci_98yr at>>
Reply-To: Shibboleth Users <users at<mailto:users at>>
Date: Monday, November 26, 2012 1:58 PM
To: Shibboleth Users <users at<mailto:users at>>
Subject: additional info in the rp rqst & reauth by idp

1. RP/SP need to send some changing (dynamic) text (info) to the idp while requesting auth
2. idp needs to reauthenticate if a specific request from RP is indicating for rechallenge,  otherwise normal SSO

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list