X509 authentication in MFA

Noriyuki TAKEI ntakei at sios.com
Tue Dec 4 18:33:37 EST 2018


Thanks for your qucik reply’s.I’ll try this solution you suggested.

2018年12月5日(水) 1:48 Nate Klingenstein <ndk at signet.id>:

> Noriyuki,
> > In short,the result of x509 Authentication determines whether or not the
> flow can proceed to next.
> This should be fairly straightforward to put together.  You would want to
> perform the X.509 check passively and then reselect the flow if there is no
> valid certificate presented.
> https://wiki.shibboleth.net/confluence/display/IDP30/X509AuthnConfiguration
> "The shibboleth.authn.X509.ClassifiedMessageMap bean is a map of error
> messages to classified error conditions that isn't generally used with this
> handler because it usually won't return with any contextual details, but
> there is a default mapping supplied that signals fall-through to other
> login flows if no certificate is found or the certificate fails optional
> validation. This is done by remapping those specific error events into a
> "ReselectFlow" event."
> Tale care,
> Nate.
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
武井 宜行
〒106-0047  東京都港区南麻布二丁目 12 番 3 号 サイオスビル
TEL:070-6569-1211 (直通) 03-6401-5117 (部代表)

(SIOS Technology):http://www.facebook.com/SIOSTechnology

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20181205/e0d66190/attachment.html>

More information about the users mailing list