Forcing MFA for some SPs and not Others
Ullfig, Roberto Alfredo
rullfig at uic.edu
Fri Aug 13 16:55:42 UTC 2021
Is there a way for Shibboleth to create different cookies for different SPs? For instance, if I force MFA on an application on the IDP side I can easily get around MFA by logging into another SP that doesn't require MFA first because I've already identified myself.
---
Roberto Ullfig - rullfig at uic.edu
Systems Administrator
Enterprise Applications & Services | Technology Solutions
University of Illinois - Chicago
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20210813/b8eca685/attachment.htm>
More information about the users
mailing list