ForceAuthn and RemoteUser handler

Matthew Slowe M.Slowe at
Mon Oct 30 16:10:27 EDT 2017

On Mon, Oct 30, 2017 at 02:02:55PM -0500, Liam Hoekenga wrote:
>    What SSO are you using to provide the REMOTE_USER information.  Do it have
>    a means for forcing reauthentication?
>    We're using some code we got from U-W that implements a forceAuthn capable
>    RemoteUser login handler, but the SSO you're tying it to has to support
>    it.

modmellon inside Apache which sets REMOTE_USER backed onto SimpleSAMLphp
IDP. SimpleSAMLphp can cope with ForceAuthn just fine, the problem seems
to be the RemoteUser+mellon combo.

Matthew Slowe | Server Infrastructure Officer
IT Infrastructure, Information Services, University of Kent
Room S21, Cornwallis South
Canterbury, Kent, CT2 7NZ, UK
Tel: +44 (0)1227 824265 | @UnikentUnseenIT | @UKCLibraryIt

More information about the users mailing list