Forcing Duo by Service Provider
Andrew Morgan
morgan at orst.edu
Fri Mar 31 18:03:59 EDT 2017
On Fri, 31 Mar 2017, Cantor, Scott wrote:
> On 3/31/17, 5:45 PM, "users on behalf of Andrew Morgan" <users-bounces at shibboleth.net on behalf of morgan at orst.edu> wrote:
>
>> Adding this to my scripted attribute definition worked, even when it
>> was called from the MFA flow:
>
> You can do that, but the more "proper" form is just to populate the
> recipient field inside your MFA script and let the resolver just rely on
> it. Mainly so you don't have to worry about special casing that in every
> attribute script.
Where do I get the recipientID (entityID) from when I'm inside the MFA
flow? Do I get it from Michael's code snippet:
profileContext.getSubcontext("net.shibboleth.idp.profile.context.RelyingPartyContext").getRelyingPartyId();
Thanks,
Andy
More information about the users
mailing list