AW: IdPV3 login page access to AuthnRequest
Cantor, Scott
cantor.2 at osu.edu
Tue Jul 28 09:32:36 EDT 2015
On 7/28/15, 3:38 AM, "users on behalf of Roehrl Patrick" <users-bounces at shibboleth.net on behalf of patrick.roehrl at inet-logistics.com> wrote:
>Thanks for your reply!
>We needed the AssertionConsumerUrl for our password update process. Short description of the process:
>1. At the IdP a password update error gets thrown and the user will be redirected with an encrypted one time login token (contains among other things the assertion consumer url) to another web application to update his password
>2. user updates his password and then the user gets redirected to the assertion consumer url (which is in our case the same as the webapplication entry point)
Why not just interrupt the login process and then redirect back to the IdP to pick up the web flow where it left off? All you need to do that is readily available, the flowExcutionUrl.
I don't think what you're doing makes a lot of sense, but be that as it may, the ACS endpoint information can be found in a complex context tree located under profileRequestContext.getOutboundMessageContext()
I don't have the complete tree handy to my mind, and it's not documented at this point.
-- Scott
More information about the users
mailing list