updating satisfied authnContext based on server environment variables?
Liam Hoekenga
liamr at umich.edu
Thu Jan 26 12:28:34 EST 2017
We've implemented 2FA opt-in internal to our campus SSO.
Our IDP is currently using our campus SSO (Cosign) for authentication.
We've received a request to update the authnContext to reflect when someone
has authenticated using 2FA because of opt-in (instead of only showing it
if the SP has requested a different context).
Would it be possible / is it reasonable to assert a different authnContext
based on the factors satisfied by the external SSO? The Cosign SP does
reveal to the server environment what factors have been satisfied, and we
could try to pass that into Tomcat.
Liam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170126/02730e38/attachment.html>
More information about the users
mailing list