Unsolicited SSO + ForceAuthen?
Cantor, Scott
cantor.2 at osu.edu
Mon Feb 26 12:30:37 EST 2018
> Is there any way to use the IdP Unsolicited SSO where we can set
> ForceAuthn for this app? I know it may be easily bypassed if it's in the URL or
> something, but we are trying to protect bad user behavior more than we are
> trying to guard against someone who wants to bypass ForceAuthn at the
> moment.
No, there's no property that will toggle on that setting internally. It hasn't been requested to date. I think there are some workarounds people may have come up with but I honestly don't recall any details. Certainly one workaround is generating a real request artifically, though it would have to be signed to be of any value.
-- Scott
More information about the users
mailing list