Problem with SPNEGO after successfully kerberos auth

Maxi Fernández melvinsoft at
Thu Apr 21 17:57:05 EDT 2016

Scott, thanks.
I understand now why the IdP is doing the right thing. I have access to
configure the SP in the right way. The SP is using python-saml and in the
conf I found this:

// Authentication context.
// Set to false and no AuthContext will be sent in the AuthNRequest,
// Set true or don't present this parameter and you will get an
AuthContext 'exact'
// Set an array with the possible auth context values: array
'requestedAuthnContext': true,
// Allows the authn comparison parameter to be set, defaults to
'exact' if the setting is not present.
'requestedAuthnContextComparison': 'exact',

So, I will try setting requestedAuthnContext to false and try again. The
metadata should stop to ask for

I will let you know if I have luck. :)

Thanks again Scott,


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list