Changing MCB assurance level per SP and by "risk" (source IP)
David Langenberg
davel at uchicago.edu
Fri Apr 4 18:22:46 EDT 2014
On Fri, Apr 4, 2014 at 4:20 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 4/4/14, 5:06 PM, "David Langenberg" <davel at uchicago.edu> wrote:
> >
> >The SP needs to send the "assurance" requirement via the
> >AuthnContextClassRef field of the AuthRequest. You can't control on the
> >IdP side "SP X requests must do DUO".
>
> Was that established? I thought you could specify a
> defaultAuthenticationMethod for a relying party per usual and the MCB
> could at least see it.
>
I understood a recent post from Paul said no, it couldn't be done. Paul?
Dave
--
David Langenberg
Identity & Access Management
The University of Chicago
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140404/297dc720/attachment.html
More information about the users
mailing list