Unexpected behaviours with matchExpression and SPNEGO and RemoteUser
cantor.2 at osu.edu
Thu May 18 10:04:24 EDT 2017
> In general, what you're doing with the button is about one step short of
> deprecation. I'm not there just yet, but I am considering it. The MFA flow is
> how this should be handled now.
To be explicit: if you use that approach, you are entirely in control of how any event coming back from a login flow gets handled rather than leaving that up to the "core" IdP authentication behavior. Which is pretty much what you're asking for.
More information about the users