IdP 3.2 and multiple Duo Applications
Cantor, Scott
cantor.2 at osu.edu
Tue Dec 15 20:01:08 EST 2015
On 12/15/15, 7:12 PM, "users on behalf of Yavor Yanakiev" <users-bounces at shibboleth.net on behalf of yavor at nyu.edu> wrote:
>We use Duo integration based on Unicon/University of Chicago setup but it seems to have one crucial limitation: it doesn't support multiple Duo application. At the moment, the Duo arguments related to the application are provided by properties with fixed
> names which are hard coded into DuoAuthenticationService.groovy
I think that's largely impractical, based on my understanding, because you would need separate shared secrets and identification strings for every SP for that to work. One could build out some kind of table logic to handle it for a subset I guess, but it appears to just be largely impractical to me with their design. A flaw I think, but not sure it's really solvable.
-- Scott
More information about the users
mailing list