Problem with SPNEGO after successfully kerberos auth
cantor.2 at osu.edu
Thu Apr 21 20:13:02 EDT 2016
> Scott, thanks.
> I understand now why the IdP is doing the right thing. I have access to
> configure the SP in the right way. The SP is using python-saml and in the conf
> I found this:
If that's Roland's code, and that's the default, it's probably worth suggesting that he change that.
> So, I will try setting requestedAuthnContext to false and try again. The
> metadata should stop to ask for urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
It's not in any metadata, it's the actual request from the SP.
More information about the users