Changing MCB assurance level per SP and by "risk" (source IP)
Paul Hethmon
paul.hethmon at clareitysecurity.com
Mon Apr 7 09:16:03 EDT 2014
On Apr 4, 2014, at 6:07 PM, David Langenberg <davel at uchicago.edu<mailto:davel at uchicago.edu>> wrote:
values returned based on either the EntityID of the SP or the IP address of the user, but I'm not sure how that would play out with the IdPs caching of resolved attributes if the IDMS attribute's values change per authentication. That's more of a question for one of the Devs -- Devs?
The MCB code requests the "idms" attribute to be resolved when authentication happens. It does call into the Shib attribute resolver to do that work, so any caching there applies.
Paul
Paul Hethmon
Chief Software Architect
paul.hethmon at clareitysecurity.com<mailto:paul.hethmon at clareitysecurity.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140407/e69e7cf0/attachment.html
More information about the users
mailing list