MFA attribute for CAS serviceValidate
Marvin Addison
marvin.addison at gmail.com
Wed Apr 12 15:20:07 EDT 2017
On Wed, Apr 12, 2017 at 1:50 PM Cantor, Scott <cantor.2 at osu.edu> wrote:
> Scripts in the resolver have a "subjects" variable containing the array of
> Subjects produced by all the factors.
>
We have a scripted attribute definition that examines all the
AuthnContextClassRefPrincipals attached to _any_ subject found in the IdP
session, which is how we support conveying an LOA value to CAS clients over
back channel communication. Here's a gist you may find helpful:
https://gist.github.com/serac/c6901baa833aaca5be0d3932f63103a9
M
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170412/f9e8350b/attachment.html>
More information about the users
mailing list