Ex: Re: idp 4 upgrade, tuning MFA implementation

Paul B. Henson henson at cpp.edu
Sat Apr 25 22:10:47 EDT 2020

> From: Cantor, Scott
> Sent: Friday, April 24, 2020 4:46 PM
> The general-authn.xml file lays out the Principals that are auto-attached in
> most cases to the Subject created by the authentication flows of each type.

Ah, ok, like the authn/Password flow lists urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport and urn:oasis:names:tc:SAML:2.0:ac:classes:Password, while the authn/Duo lists https://refeds.org/profile/mfa in my config.

> Everything that isn't "impl" is an API package. And the place to start are the
> context objects that make up the tree, primarily the ProfileRequestContext,
> AuthenticationContext, RelyingPartyContext, AttributeContext, etc. All the
> I think the documentation on developing login flows is the best material
> there is.

Cool, thanks for the tips and hints.

> You just have to add id="something" to the element. Those are native Spring

Easy enough. I think I've got enough rope now to see what I can do with it :).

More information about the users mailing list