Force Specific RequestedAuthnContext Comparison Operator
Cantor, Scott
cantor.2 at osu.edu
Fri Apr 19 16:39:39 EDT 2019
That would also be causing it to violate the standard by abusing the definition of the operator that was specifically requested.
Taking things that far you could just easily point its requests at the unsolicited endpoint via a CGI script, ignore the request altogether, and force the behavior you wanted at the IdP to begin with. It's not kosher, but our preference is to keep the IdP conformant and push that sort of breaking behavior outside of the system.
-- Scott
More information about the users
mailing list