disable consent for R&S SPs
Cantor, Scott
cantor.2 at osu.edu
Thu Feb 1 12:01:35 EST 2018
> Does anyone have such an config ready to disable the attribute-release
> postAuthenticationFlow IFF the the SP has the R&S entity attribute?
> I haven't even looked at the documentation yet, but if you have done
> that please share. On-list or added to the wiki is fine.
I believe there are examples in the wiki for the RelyingPartyByTag shortcut I did to assist with that.
The subtely with RelyingParty rules is that theere are some shortcuts there that make it look different from a standard activation condition but under the covers that's what it ultimate is, so those examples can also be made to apply, which is I believe what Keith is doing.
There are also always multiple places to do it. One could enable the interceptor for everybody, but have an activation condition attached to the flow descriptor that controls when it runs. It seemed like Keith was also doing that. Not sure why one would do both.
-- Scott
More information about the users
mailing list