finding initial time of an idp session?
fox at washington.edu
Fri Mar 20 20:03:44 EDT 2020
For compromised accounts we have a disuser..reuser mechanism that disables
a user's login until they have reset their password (and other stuff).
After they get reusered we want them to be able to log in as normal, but still
deny access for any earlier created sessions. Since our sessions are carried
in cookies it seems like I need to determine the time a password session was created.
(This would be in the mfa script.)
Would that info be available through the AuthenticationContext -> getActiveResults()?
More information about the users