Specify a default authentication context in Relying Party config
Cantor, Scott
cantor.2 at osu.edu
Mon Nov 30 10:52:52 EST 2015
On 11/30/15, 10:07 AM, "users on behalf of Michael A Grady" <users-bounces at shibboleth.net on behalf of mgrady at unicon.net> wrote:
>How can I set a particular default authentication context in relying-party.xml? I was trying to use the property p:defaultAuthenticationContexts, modeling after the examples for setting p:nameIDFormatPrecedence, but that raises an error, because I hadn't noticed at first that the defaultAuthenticationContexts list values need to be of type 'AuthnContextClassRefPrincipal', not simple string values. The goal is to set a default of a context like 'http://www.duosecurity.com/', requiring 2FA for that SP.
Just supply a list of beans of that type. Same syntax as the equivalent collection property in general-authn.xml
-- Scott
More information about the users
mailing list