Override SP RequestedAuthnContext on IdP per entity?

Cantor, Scott cantor.2 at osu.edu
Thu Oct 26 19:37:12 EDT 2017


On 10/26/17, 7:11 PM, "users on behalf of Brian Mathis" <users-bounces at shibboleth.net on behalf of brian.mathis at gmail.com> wrote:

> Is there a way to override this for a single entity?  Are there
> conditionals that can be used in general-authn.xml, or somewhere else?

Not elegantly, and honestly I'm not sure there's much point.

If you really don't want to support that context, then tell the SP to stop (and it should, that's dumb) but at this point you pretty much are supporting it. What is it that you want it to do? Fail if some other SP requests it? It might be better to just log what's been requested and flag it if you see it perhaps.

-- Scott




More information about the users mailing list