MFA Transition nextFlowStrategy-ref question IdP3.3.0
O'Dowd, Josh
Josh.O'Dowd at mso.umt.edu
Wed Dec 21 15:19:02 EST 2016
I don't want to seem like a weekly pest, which would be understandable given my activity on this forum over the past few weeks, but...
I have 2 "potential" secondary factors in our MFA, both of which require decision logic to determine 'flow', or 'no-flow', and the second does not depend on the first. In other words, the authentication factors could go 1st-2nd-3rd, 1-2, 1-3, or just 1. My initial though was to find out if I could have a nextFlowStrategy return a flow id OR another strategy-ref. But that doesn't work. Or should it, and I just didn't do it right. I didn't find that kind of available functionality in the MFA docs.
So the transitioning logic looks like (where flow#1 is the entry flow):
* IF flow#1 THEN strategy-A
* strategy-A: IF true THEN flow#2 ELSE strategy-B
* IF flow#2 THEN strategy-B
* strategy-B: IF true THEN flow#3 ELSE null to end MFA
It would be nice if a strategy could reference another strategy, but I am looking for a "clean" alternative idea.
Thanks for the time. Merry Christmas to you guys!
Josh O'Dowd
Software Systems Engineer / Identity Access Management
Central IT, University of Montana
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20161221/aa5ddd36/attachment.html>
More information about the users
mailing list