ForceAuthn and RemoteUser handler
cantor.2 at osu.edu
Mon Oct 30 16:17:02 EDT 2017
On 10/30/17, 4:08 PM, "users on behalf of Matthew Slowe" <users-bounces at shibboleth.net on behalf of M.Slowe at kent.ac.uk> wrote:
> This IDP instance is only talking to MS so I don't mind *quite* so much
Well, that obviously changes the picture. I'd just change the setting and report the bug.
> My thinking was that the Shibboleth IDP could handle the ForceAuthn fine
> and pass on the actual authentication like it can do for things like CAS.
ForceAuthn is ultimately a function of the system you defer to.
> We did... we chose SimpleSAMLphp as our central SSO but have had to hang
> Shibboleth off to the side to cope with Office365... this seemed like
> the most elegant solution to keeping it seamless until recently.
Seems like ADFS might be the best "one-off to run for Office365".
More information about the users