Force Specific RequestedAuthnContext Comparison Operator

Cantor, Scott cantor.2 at
Fri Apr 19 16:39:39 EDT 2019

That would also be causing it to violate the standard by abusing the definition of the operator that was specifically requested.

Taking things that far you could just easily point its requests at the unsolicited endpoint via a CGI script, ignore the request altogether, and force the behavior you wanted at the IdP to begin with. It's not kosher, but our preference is to keep the IdP conformant and push that sort of breaking behavior outside of the system.

-- Scott

More information about the users mailing list