Force Specific RequestedAuthnContext Comparison Operator

cneberg cneberg at gmail.com
Fri Apr 19 22:13:16 EDT 2019


What if no operator was explicitly requested? I.e., no exact, minimum,
maximum or better was specified in the request. Does that change
anything? Is there a way to treat it as minimum rather than exact? I.e., it
requires a password and I want to use a smart card.

Christopher

On Fri, Apr 19, 2019 at 3:39 PM Cantor, Scott <cantor.2 at osu.edu> wrote:

> That would also be causing it to violate the standard by abusing the
> definition of the operator that was specifically requested.
>
> Taking things that far you could just easily point its requests at the
> unsolicited endpoint via a CGI script, ignore the request altogether, and
> force the behavior you wanted at the IdP to begin with. It's not kosher,
> but our preference is to keep the IdP conformant and push that sort of
> breaking behavior outside of the system.
>
> -- Scott
>