CAS protocol and auditContext during MDA authn flow
Cantor, Scott
cantor.2 at osu.edu
Sat May 2 17:40:36 EDT 2020
On 5/2/20, 5:21 PM, "users on behalf of Michael A Grady" <users-bounces at shibboleth.net on behalf of mgrady at unicon.net> wrote:
> But just discovered that if one adds in usage of the CAS protocol, that auditContext does not appear to exist yet, so
> auditCtx ends up null.
I don't know why that's the case, but...
> That's, of course, easy enough to account for as follows:
No, just do:
auditCtx = input.getSubcontext("net.shibboleth.idp.profile.context.AuditContext", true);
I think this would be fairly confusing to include for SAML, which already has log fields that capture this more effectively, including the request side in V4.
You should never deduce anything from the names of login flows. Always operate on names Principals, never directly on methods that lead to them. That's brittle.
-- Scott
More information about the users
mailing list