SOAP SLO handler: what would it be used for?
cantor.2 at osu.edu
Wed Apr 16 18:53:52 EDT 2014
On 4/16/14, 6:33 PM, "Andrew Morgan" <morgan at orst.edu> wrote:
>Or should I just remove the DefaultRelyingParty entirely so that only
>enumerated RPs have access? How do I handle InCommon SPs then?
That wouldn't be typical. You can't limit anything to InCommon in the IdP
without using deprecated approaches that would not be encouraged.
We don't design for blocking authentication to anybody you supply metadata
for, we assume you limit the attributes released afterwards.
If you need to block authentication, you can filter the metadata to start
with, or use a custom login handler.
More information about the users