postAuthenticationFlowsLookupStrategy - activationCondition - rpUIContext
martin.lunze at tu-dresden.de
Tue Jul 2 02:23:02 EDT 2019
Am 20.06.19 um 14:27 schrieb Cantor, Scott:
> On 6/20/19, 4:02 AM, "users on behalf of Martin Lunze" <users-bounces at shibboleth.net on behalf of martin.lunze at tu-dresden.de> wrote:
>> Where do you think is a good place in your documentation?
>> Please let me know what you think about this solution :-)
>> Did i some mistakes or maybe there is a shorter and simpler solution?
> You can just attach an activationCondition directly to the consent flow descriptor in profile-intercept.xml when the condition for the flow is essentially global.
At the moment this condition is global for our productive-idp, but our
test-idp has some more restrictions and maybe they will later come true
for our productive-idp and then the rule is not anymore global.
But maybe this can be changed a bit, so the rule still become globally
true. I will see later.
> Touching relying-party.xml is a last resort these days for when nothing else fits. Every override added creates a problem later when something changes and the rules for the things that match the override split and turn into different rules, and the override count multiplies.
Thats why i have removed the overrides and using now only this one
DefaultRelyingParty with such nice LookupStrategies :-)
> -- Scott
Technische Universität Dresden
Zentrum für Informationsdienste und Hochleistungsrechnen (ZIH)
Operative Prozesse und Systeme (OPS)
Tel.: +49 (351) 463-35881
E-Mail: martin.lunze at tu-dresden.de
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5742 bytes
Desc: S/MIME Cryptographic Signature
More information about the users