additional info in the rp rqst & reauth by idp
Paul Hethmon
paul.hethmon at clareitysecurity.com
Mon Nov 26 14:01:45 EST 2012
1. Not supported with Shibboleth. Meaning you can send what you want but nothing will pay any attention to it.
2. SAML provides an option called forceAuthn which tells the IdP to force re-authentication. How you achieve that depends on your RP/SP software.
Paul
From: C G <ci_98yr at yahoo.com<mailto:ci_98yr at yahoo.com>>
Reply-To: Shibboleth Users <users at shibboleth.net<mailto:users at shibboleth.net>>
Date: Monday, November 26, 2012 1:58 PM
To: Shibboleth Users <users at shibboleth.net<mailto:users at shibboleth.net>>
Subject: additional info in the rp rqst & reauth by idp
1. RP/SP need to send some changing (dynamic) text (info) to the idp while requesting auth
2. idp needs to reauthenticate if a specific request from RP is indicating for rechallenge, otherwise normal SSO
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20121126/82617bc0/attachment.html
More information about the users
mailing list