shib-cas-authn2 and forceAuthn
Cantor, Scott
cantor.2 at osu.edu
Mon Sep 8 23:41:40 EDT 2014
On 9/8/14, 11:37 PM, "Scott Koranda" <skoranda at gmail.com> wrote:
>
>I also looked in detail at the code for CasLoginHandler. I expected
>that during the constructor call I would see
>
>setSupportsForceAuthentication()
>
>and
>
>setSupportsPassive()
>
>They are not invoked there but instead are invoked during login().
>Will that work? I would have thought that the IdP needs to know at the
>time it creates the login handler whether or not it supports forced
>reauthentication and isPassive. What am I missing?
I can't speak to that handler, but I can confirm that those do have to be
set at construction time, the IdP walks the handler list looking for one
that reports it can support it.
For the handlers in the IdP, it's controlled with an XML attribute in the
LoginHandler element.
-- Scott
More information about the users
mailing list