REFEDS authnContextClass ?

Scott Gilbert sgilbert at
Wed Feb 19 13:30:54 EST 2020

Shib IdP 3.4.6

I have made the necessary config changes re REFEDS MFA to the and general-authn.xml files outlined on the shibcas plug-in

Duo is working ok but it doesn't look like I am getting MFA validation in
the idp-process.log. Not sure why the shibcas plug-in instructions say to
state PasswordProtectedTransport other than thats the default.

2020-02-18 11:08:38,777 -  - INFO
- Overriding the principal authn context class ref to

2020-02-18 11:08:38,777 -  - INFO
- The final requested authn context class ref principals are

I know the shibcas plug-in is probably outside the realm of this list but
is there a way to get some validation that authn is passwordprotected or
mfa. Is there a bean I can add to relying party maybe get something back in
the SAML? Or perhaps add another class ref to the general-authn.xml file?

Scott Gilbert
IAM System Admin
ETS Enterprise Technology Services
University of California Santa Barbara
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list