Override SP RequestedAuthnContext on IdP per entity?

Brian Mathis brian.mathis at gmail.com
Thu Oct 26 19:11:48 EDT 2017

I have an application (that I have no control over) sending an
AuthnRequest that includes the following:

    <samlp:RequestedAuthnContext Comparison="exact">

I'm not offering PasswordProtectedTransport in my IdP.  I was able to
use general-authn.xml to "fake out" the SP by adding the
PasswordProtectedTransport bean to another AuthenticationFlow, but
this would apply to all relying-parties, and I prefer to target only
the entity that needs it if possible.

Is there a way to override this for a single entity?  Are there
conditionals that can be used in general-authn.xml, or somewhere else?

Thank you
~ Brian

More information about the users mailing list