authn/flows
Cantor, Scott
cantor.2 at osu.edu
Mon May 15 18:14:59 EDT 2017
> Simpler might be a necessary stepping stone on the way to complexer. If
> you could tell me how you did it, I think that would be a great help.
Take what's there and use a script like this, which is much shorter.
nextFlow = "authn/Duo";
// Go to second factor if we have to.
authCtx = input.getSubcontext("net.shibboleth.idp.authn.context.AuthenticationContext");
mfaCtx =
authCtx.getSubcontext("net.shibboleth.idp.authn.context.MultiFactorAuthenticationContext");
if (mfaCtx.isAcceptable()) {
nextFlow = null;
}
nextFlow; // pass control to second factor or end with the first
In English, that's saying "Check to see if the current result is sufficient to meet the service's requirements. If so, stop. If not, run the Duo flow."
-- Scott
More information about the users
mailing list